CVE-2022-22786 Update package downgrade in Zoom Client for Meetings for Windows

🗓️ 18 May 2022 15:42:46Reported by ZoomType

Zoom Client for Windows downgrade CVE-2022-2278

Reporter	Title	Published	Views	Family All 17
ATTACKERKB	CVE-2022-22786	17 May 202212:00	–	attackerkb
BDU FSTEC	The vulnerability of Zoom video conferencing software for Windows lies in the improper checking of the currently installed software version during updates. This allows a malicious individual to circumvent certain security restrictions.	6 Jun 202200:00	–	bdu_fstec
Circl	CVE-2022-22786	18 May 202220:28	–	circl
CNNVD	多款Zoom产品安全漏洞	18 May 202200:00	–	cnnvd
CVE	CVE-2022-22786	18 May 202215:42	–	cve
EUVD	EUVD-2022-27929	3 Oct 202520:07	–	euvd
Kaspersky	KLA12539 Multiple vulnerabilities in Zoom	17 May 202200:00	–	kaspersky
Malwarebytes	Insights into your unpatched vulnerabilities	11 Dec 202310:17	–	malwarebytes
NVD	CVE-2022-22786	18 May 202216:15	–	nvd
OpenVAS	Zoom Client < 5.10.0 Multiple Vulnerabilities (ZSB-22006, ZSB-22007, ZSB-22008, ZSB-22009) - Windows	19 May 202200:00	–	openvas

[
  {
    "product": "Zoom Client for Meetings for Windows",
    "vendor": "Zoom Video Communications Inc",
    "versions": [
      {
        "lessThan": "5.10.0",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "Zoom Rooms for Conference Room for Windows",
    "vendor": "Zoom Video Communications Inc",
    "versions": [
      {
        "lessThan": "5.10.0",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
explore	www.explore.zoom.us/en/trust/security/security-bulletin

18 May 2022 15:42Current

9.1High risk

Vulners AI Score9.1

CVSS 3.17.5

EPSS0.00331