Protection Mechanism Failure of Software Downgrade in Zoom Rooms for Windows before 6.6.0 may allow an unauthenticated user to conduct an escalation of privilege via local access.
oryginał ENCVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HZoom Rooms
APPZoom< 6.6.0
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Powiązane podatności
CVE-2025-49457CRITICAL9.6PL ✓ten sam produkt
Untrusted search path w klientach Zoom dla Windows — privilege escalation przez sieć
CVE-2024-24691CRITICAL9.6PL ✓ten sam produkt
Privilege escalation w Zoom Desktop Client, VDI Client i Meeting SDK dla Windows
CVE-2026-30906HIGH7.8ten sam produkt
Untrusted search path in the installer for Zoom Rooms for Windows before version 7.0.0 may allow an authentica...
CVE-2026-30901HIGH7.0ten sam produkt
Improper Input Validation in Zoom Rooms for Windows before 6.6.5 in Kiosk Mode may allow an authenticated user...
CVE-2026-30902HIGH7.8ten sam produkt
Improper Privilege Management in certain Zoom Clients for Windows may allow an authenticated user to conduct a...