CVE-2022-22788
DLL injection in Zoom Opener installer for Zoom and Zoom Rooms clients
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
The Zoom Opener installer is downloaded by a user from the Launch meeting page, when attempting to join a meeting without having the Zoom Meeting Client installed. The Zoom Opener installer for Zoom Client for Meetings before version 5.10.3 and Zoom Rooms for Conference Room for Windows before version 5.10.3 are susceptible to a DLL injection attack. This vulnerability could be used to run arbitrary code on the victims host.
El instalador de Zoom Opener es descargado por un usuario desde la página de inicio de reuniones, cuando intenta unirse a una reunión sin tener instalado el cliente de reuniones de Zoom. El instalador de Zoom Opener para Zoom Client for Meetings versiones anteriores a 5.10.3 y Zoom Rooms for Conference Room para Windows versiones anteriores a 5.10.3, son susceptibles de un ataque de inyección de DLL. Esta vulnerabilidad podría usarse para ejecutar código arbitrario en el host de la víctima
CVSS Scores
SSVC
- Decision:-
Timeline
- 2022-01-07 CVE Reserved
- 2022-06-15 CVE Published
- 2024-01-06 EPSS Updated
- 2024-09-16 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-427: Uncontrolled Search Path Element
CAPEC
References (1)
URL | Tag | Source |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://explore.zoom.us/en/trust/security/security-bulletin | 2022-06-27 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Zoom Search vendor "Zoom" | Meetings Search vendor "Zoom" for product "Meetings" | < 5.10.3 Search vendor "Zoom" for product "Meetings" and version " < 5.10.3" | windows |
Affected
| ||||||
Zoom Search vendor "Zoom" | Rooms Search vendor "Zoom" for product "Rooms" | < 5.10.3 Search vendor "Zoom" for product "Rooms" and version " < 5.10.3" | windows |
Affected
|