Lucene search
HistoryAug 15, 2022 - 11:15 p.m.
CVE-2022-28756
zoom
mac
vulnerability
privilege escalation
update process
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0
Percentile
5.1%
The Zoom Client for Meetings for macOS (Standard and for IT Admin) starting with version 5.7.3 and before 5.11.5 contains a vulnerability in the auto update process. A local low-privileged user could exploit this vulnerability to escalate their privileges to root.
Affected configurations
Node
zoommeetingsRange5.7.3–5.11.5macos
Related
nessus
nessus
Zoom Client 5.7.3 < 5.11.5 Privilege Escalation
2022-08-16 00:00:00
Zoom Client for Meetings 5.7.3 < 5.11.5 Vulnerability (ZSB-22018)
2022-12-15 00:00:00
Zoom Client for Meetings 5.7.3 < 5.11.6 Vulnerability (ZSB-22019)
2022-12-15 00:00:00
openvas
openvas
prion
prion
Input validation
2022-08-15 23:15:00
cvelist
cvelist
cve
cve
CVE-2022-28756
2022-08-15 23:15:07
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0
Percentile
5.1%
Related for NVD:CVE-2022-28756