CRITICAL🇬🇧 English

CVE-2021-33907

CVSS 9.8v3.1pub. 2021-09-27upd. 2024-11-21

The Zoom Client for Meetings for Windows in all versions before 5.3.0 fails to properly validate the certificate information used to sign .msi files when performing an update of the client. This could lead to remote code execution in an elevated privileged context.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Zoom Meetings

    APP
    Zoom
    < 5.3.0
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
RCE
CWE
Referencje

Powiązane podatności

CVE-2021-34423CRITICAL9.8ten sam produkt

A buffer overflow vulnerability was discovered in Zoom Client for Meetings (for Android, iOS, Linux, macOS, an...

CVE-2023-28596HIGH7.8ten sam produkt

Zoom Client for IT Admin macOS installers before version 5.13.5 contain a local privilege escalation vulnerabi...

CVE-2023-22883HIGH7.2ten sam produkt

Zoom Client for IT Admin Windows installers before version 5.13.5 contain a local privilege escalation vulnera...

CVE-2022-28768HIGH8.8ten sam produkt

The Zoom Client for Meetings Installer for macOS (Standard and for IT Admin) before version 5.12.6 contains a ...

CVE-2022-28763HIGH8.8ten sam produkt

The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.12.2 is susceptibl...