CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-28751 – Local Privilege Escalation in Zoom Client for Meetings for MacOS
https://notcve.org/view.php?id=CVE-2022-28751
The Zoom Client for Meetings for MacOS (Standard and for IT Admin) before version 5.11.3 contains a vulnerability in the package signature validation during the update process. ... Zoom Client for Meetings para MacOS (estándar y para IT Admin) versiones anteriores a 5.11.3, contiene una vulnerabilidad en la comprobación de la firma del paquete durante el proceso de actualización. • https://explore.zoom.us/en/trust/security/security-bulletin • CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-28756 – Local Privilege Escalation in Auto Updater for Zoom Client for Meetings for macOS
https://notcve.org/view.php?id=CVE-2022-28756
The Zoom Client for Meetings for macOS (Standard and for IT Admin) starting with version 5.7.3 and before 5.11.5 contains a vulnerability in the auto update process. ... Zoom Client for Meetings para macOS (estándar y para IT Admin) a partir de la versión 5.7.3 y anteriores a 5.11.5, contiene una vulnerabilidad en el proceso de actualización automática. • https://explore.zoom.us/en/trust/security/security-bulletin • CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 7.9EPSS: 0%CPEs: 4EXPL: 0CVE-2022-22782 – Local privilege escalation in Windows Zoom Clients
https://notcve.org/view.php?id=CVE-2022-22782
The Zoom Client for Meetings for Windows prior to version 5.9.7, Zoom Rooms for Conference Room for Windows prior to version 5.10.0, Zoom Plugins for Microsoft Outlook for Windows prior to version 5.10.3, and Zoom VDI Windows Meeting Clients prior to version 5.9.6; was susceptible to a local privilege escalation issue during the installer repair operation. ... Zoom Client for Meetings para Windows versiones anteriores a 5.9.7, Zoom Rooms for Conference Room para Windows versiones anteriores a 5.10.0, Zoom Plugins for Microsoft Outlook para Windows versiones anteriores a 5.10.3 y Zoom VDI Windows Meeting Clients versiones anteriores a 5.9.6; eran susceptibles de un problema de escalada de privilegios local durante la operación de reparación del instalador. Un actor malicioso podría usar esto para eliminar potencialmente archivos o carpetas a nivel de sistema, causando problemas de integridad o disponibilidad en la máquina anfitriona del usuario This vulnerability allows local attackers to escalate privileges on affected installations of Zoom Client. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://explore.zoom.us/en/trust/security/security-bulletin •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-34412
https://notcve.org/view.php?id=CVE-2021-34412
During the installation process for all versions of the Zoom Client for Meetings for Windows before 5.4.0, it is possible to launch Internet Explorer. If the installer was launched with elevated privileges such as by SCCM this can result in a local privilege escalation. Durante el proceso de instalación de todas las versiones de Zoom Client for Meetings para Windows anteriores a 5.4.0, es posible iniciar Internet Explorer. • https://explore.zoom.us/en/trust/security/security-bulletin • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-34411
https://notcve.org/view.php?id=CVE-2021-34411
If the installer was launched with elevated privileges such as by SCCM this can result in a local privilege escalation. Durante el proceso de instalación de Zoom Rooms for Conference Room para Windows versiones anteriores a 5.3.0, es posible iniciar Internet Explorer con privilegios elevados. • https://explore.zoom.us/en/trust/security/security-bulletin • CWE-269: Improper Privilege Management •