PT-2023-2170 · Zoom · Zoom Client for IT Admin

Published: 2023-03-14 · Updated: 2023-04-03 · CVE-2023-28596

CVSS v3.1: 7.8 High

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Zoom Client for IT Admin macOS installers versions prior to 5.13.5
Description: The issue is related to a local privilege escalation vulnerability. A local low-privileged user could exploit this vulnerability in an attack chain during the installation process to escalate their privileges to root. The vulnerability is also associated with an uncontrolled search path element.
Recommendations: For versions prior to 5.13.5, update to version 5.13.5 or later to resolve the issue. As a temporary workaround, consider restricting access to the installation process to minimize the risk of exploitation.

Fix

Weakness Enumeration: Uncontrolled Search Path Element

Related Identifiers

BDU:2023-01912
CVE-2023-28596

Affected Products

Zoom Client for IT Admin