Описание
During the installation process for all versions of the Zoom Client for Meetings for Windows before 5.4.0, it is possible to launch Internet Explorer. If the installer was launched with elevated privileges such as by SCCM this can result in a local privilege escalation.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
EPSS
7.8 High
CVSS3
4.6 Medium
CVSS2
Дефекты
Связанные уязвимости
During the installation process for all versions of the Zoom Client for Meetings for Windows before 5.4.0, it is possible to launch Internet Explorer. If the installer was launched with elevated privileges such as by SCCM this can result in a local privilege escalation.
Уязвимость клиента для проведения аудио- и видеоконференций в режиме реального времени Zoom Client for Meetings for Windows, связанная с недостатками разграничения доступа, позволяющая нарушителю повысить свои привилегии
EPSS
7.8 High
CVSS3
4.6 Medium
CVSS2