CVE-2021-34413
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
All versions of the Zoom Plugin for Microsoft Outlook for MacOS before 5.3.52553.0918 contain a Time-of-check Time-of-use (TOC/TOU) vulnerability during the plugin installation process. This could allow a standard user to write their own malicious application to the plugin directory, allowing the malicious application to execute in a privileged context.
Todas las versiones de Zoom Plugin for Microsoft Outlook para MacOS anteriores a 5.3.52553.0918, contienen una vulnerabilidad de tipo Time-of-check Time-of-use (TOC/TOU) durante el proceso de instalación del plugin. Esto podría permitir a un usuario estándar escribir su propia aplicación maliciosa en el directorio del plugin, permitiendo que la aplicación maliciosa se ejecute en un contexto privilegiado
CVSS Scores
SSVC
- Decision:-
Timeline
- 2021-06-09 CVE Reserved
- 2021-09-27 CVE Published
- 2023-04-20 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition
CAPEC
References (1)
URL | Tag | Source |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://explore.zoom.us/en/trust/security/security-bulletin | 2021-10-07 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Zoom Search vendor "Zoom" | Zoom Plugin For Microsoft Outlook Search vendor "Zoom" for product "Zoom Plugin For Microsoft Outlook" | < 5.3.52553.0918 Search vendor "Zoom" for product "Zoom Plugin For Microsoft Outlook" and version " < 5.3.52553.0918" | windows |
Affected
|