Lucene search

ZoomCVELIST:CVE-2022-36927

HistoryJan 09, 2023 - 12:00 a.m.

CVE-2022-36927 Local Privilege Escalation in Zoom Rooms for macOS Clients

2023-01-0900:00:00

CWE-367

Zoom

www.cve.org

cve-2022-36927

zoom rooms

macos

local privilege escalation

vulnerability

8.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

8.9 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Zoom Rooms for macOS clients before version 5.11.3 contain a local privilege escalation vulnerability. A local low-privileged user could exploit this vulnerability to escalate their privileges to root.

CNA Affected

[
  {
    "vendor": "Zoom Video Communications Inc",
    "product": "Zoom Rooms for macOS",
    "versions": [
      {
        "version": "unspecified",
        "lessThan": "5.11.3",
        "status": "affected",
        "versionType": "custom"
      }
    ]
  }
]

References

explore.zoom.us/en/trust/security/security-bulletin/

8.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

8.9 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVELIST:CVE-2022-36927