Zoom addressed four “high” severity vulnerabilities impacting its videoconferencing platform Zoom Rooms.
Below are the details for the bugs addressed by the company:
CVE-2022-36930 (CVSS Score 8.2) – Local Privilege Escalation in Rooms for Windows Installers.
The issue affects Rooms for Windows installers before version 5.13.0.
“A local low-privileged user could exploit this vulnerability in an attack chain to escalate their privileges to the SYSTEM user.” reads the advisory published by the company.
CVE-2022-36929 – (CVSS Score 7.8) – Local Privilege Escalation in Rooms for Windows Clients.
The flaw affects Rooms for Windows clients before version 5.12.7. A local low-privileged user could exploit this vulnerability to escalate their privileges to the SYSTEM user.
CVE-2022-36926 – CVE-2022-36927 – (CVSS Score 8.8) – Local Privilege Escalation in Zoom Rooms for macOS Clients. The flaw affects Rooms for macOS clients before version 5.11.3. The issue can be exploited by a local low-privileged user to escalate their privileges to root.
The communications technology company also addressed two “Medium” severity bugs:
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
[adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – hacking, Rooms)
[adrotate banner=”5″]
[adrotate banner=”13″]
The MITRE Corporation revealed that a nation-state actor compromised its systems in January 2024 by…
China-linked threat actors are preparing cyber attacks against U.S. critical infrastructure warned FBI Director Christopher…
The United Nations Development Programme (UNDP) has initiated an investigation into an alleged ransomware attack…
BlackBerry reported that the financially motivated group FIN7 targeted the IT department of a large…
An international law enforcement operation led to the disruption of the prominent phishing-as-a-service platform LabHost.…
Russia-linked APT Sandworm employed a previously undocumented backdoor called Kapeka in attacks against Eastern Europe since…
This website uses cookies.