CVE-2021-34409 Zoom Client Installer Local Privilege Escalation

2021-09-2713:55:40

Zoom

www.cve.org

zoom

privilege escalation

macos

shell scripts

zoom rooms

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

EPSS

Percentile

12.6%

JSON

It was discovered that the installation packages of the Zoom Client for Meetings for MacOS (Standard and for IT Admin) installation before version 5.2.0, Zoom Client Plugin for Sharing iPhone/iPad before version 5.2.0, and Zoom Rooms for Conference before version 5.1.0, copy pre- and post- installation shell scripts to a user-writable directory. In the affected products listed below, a malicious actor with local access to a user’s machine could use this flaw to potentially run arbitrary system commands in a higher privileged context during the installation process.

CNA Affected

[
  {
    "product": "Zoom Client for Meetings for MacOS (Standard and for IT Admin)",
    "vendor": "Zoom Video Communications Inc",
    "versions": [
      {
        "lessThan": "5.2.0",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "Zoom Client Plugin for Sharing iPhone/iPad",
    "vendor": "Zoom Video Communications Inc",
    "versions": [
      {
        "lessThan": "5.2.0",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "Zoom Rooms for Conference",
    "vendor": "Zoom Video Communications Inc",
    "versions": [
      {
        "lessThan": "5.1.0",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]