// For flags

CVE-2022-22782

Local privilege escalation in Windows Zoom Clients

Severity Score

7.1
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

The Zoom Client for Meetings for Windows prior to version 5.9.7, Zoom Rooms for Conference Room for Windows prior to version 5.10.0, Zoom Plugins for Microsoft Outlook for Windows prior to version 5.10.3, and Zoom VDI Windows Meeting Clients prior to version 5.9.6; was susceptible to a local privilege escalation issue during the installer repair operation. A malicious actor could utilize this to potentially delete system level files or folders, causing integrity or availability issues on the user’s host machine.

Zoom Client for Meetings para Windows versiones anteriores a 5.9.7, Zoom Rooms for Conference Room para Windows versiones anteriores a 5.10.0, Zoom Plugins for Microsoft Outlook para Windows versiones anteriores a 5.10.3 y Zoom VDI Windows Meeting Clients versiones anteriores a 5.9.6; eran susceptibles de un problema de escalada de privilegios local durante la operación de reparación del instalador. Un actor malicioso podría usar esto para eliminar potencialmente archivos o carpetas a nivel de sistema, causando problemas de integridad o disponibilidad en la máquina anfitriona del usuario

This vulnerability allows local attackers to escalate privileges on affected installations of Zoom Client. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
The specific flaw exists within the installer. By creating a symbolic link, an attacker can abuse the installer to delete a directory. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.

*Credits: Zero Day Initiative
CVSS Scores
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
High
Availability
High
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
Required
Scope
Changed
Confidentiality
None
Integrity
High
Availability
High
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Local
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2022-01-07 CVE Reserved
  • 2022-04-28 CVE Published
  • 2023-03-08 EPSS Updated
  • 2024-09-17 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
CAPEC
References (1)
URL Tag Source
URL Date SRC
URL Date SRC
URL Date SRC
https://explore.zoom.us/en/trust/security/security-bulletin 2023-08-08
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Zoom
Search vendor "Zoom"
 Meetings
Search vendor "Zoom" for product "Meetings"
 < 5.9.7
Search vendor "Zoom" for product "Meetings" and version " < 5.9.7"
windows
Affected
Zoom
Search vendor "Zoom"
 Rooms For Conference Rooms
Search vendor "Zoom" for product "Rooms For Conference Rooms"
 < 5.10.0
Search vendor "Zoom" for product "Rooms For Conference Rooms" and version " < 5.10.0"
windows
Affected
Zoom
Search vendor "Zoom"
 Vdi Windows Meeting Clients
Search vendor "Zoom" for product "Vdi Windows Meeting Clients"
 < 5.9.6
Search vendor "Zoom" for product "Vdi Windows Meeting Clients" and version " < 5.9.6"
-
Affected
Zoom
Search vendor "Zoom"
 Zoom Plugin For Microsoft Outlook
Search vendor "Zoom" for product "Zoom Plugin For Microsoft Outlook"
 < 5.10.3
Search vendor "Zoom" for product "Zoom Plugin For Microsoft Outlook" and version " < 5.10.3"
windows
Affected