CRITICAL🇵🇱 Wersja polska

CVE-2021-33907

CVSS 9.8v3.1pub. 2021-09-27upd. 2024-11-21

The Zoom Client for Meetings for Windows in all versions before 5.3.0 fails to properly validate the certificate information used to sign .msi files when performing an update of the client. This could lead to remote code execution in an elevated privileged context.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Zoom Meetings

    APP
    Zoom
    < 5.3.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2021-34423CRITICAL9.8ten sam produkt

A buffer overflow vulnerability was discovered in Zoom Client for Meetings (for Android, iOS, Linux, macOS, an...

CVE-2023-28596HIGH7.8ten sam produkt

Zoom Client for IT Admin macOS installers before version 5.13.5 contain a local privilege escalation vulnerabi...

CVE-2023-22883HIGH7.2ten sam produkt

Zoom Client for IT Admin Windows installers before version 5.13.5 contain a local privilege escalation vulnera...

CVE-2022-28768HIGH8.8ten sam produkt

The Zoom Client for Meetings Installer for macOS (Standard and for IT Admin) before version 5.12.6 contains a ...

CVE-2022-28763HIGH8.8ten sam produkt

The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.12.2 is susceptibl...