CVE-2022-28756 - The Zoom Client for Meetings for macOS (Standard and for IT Admin) starting with version 5.7.3 and b

CVE-2022-28756

Summary

The Zoom Client for Meetings for macOS (Standard and for IT Admin) starting with version 5.7.3 and before 5.11.5 contains a vulnerability in the auto update process. A local low-privileged user could exploit this vulnerability to escalate their privileges to root.

References

https://explore.zoom.us/en/trust/security/security-bulletin/

Vulnerable Configurations

cpe:2.3:a:zoom:meetings:5.7.3:*:*:*:*:macos:*:*
cpe:2.3:a:zoom:meetings:5.7.3:*:*:*:*:macos:*:*
cpe:2.3:a:zoom:meetings:5.7.4:*:*:*:*:macos:*:*
cpe:2.3:a:zoom:meetings:5.7.4:*:*:*:*:macos:*:*
cpe:2.3:a:zoom:meetings:5.7.5:*:*:*:*:macos:*:*
cpe:2.3:a:zoom:meetings:5.7.5:*:*:*:*:macos:*:*
cpe:2.3:a:zoom:meetings:5.7.6:*:*:*:*:macos:*:*
cpe:2.3:a:zoom:meetings:5.7.6:*:*:*:*:macos:*:*
cpe:2.3:a:zoom:meetings:5.8.0:*:*:*:*:macos:*:*
cpe:2.3:a:zoom:meetings:5.8.0:*:*:*:*:macos:*:*

CVSS

Base:	None
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication

Impact

Confidentiality	Integrity	Availability

Last major update

16-08-2022 - 17:13

Published

15-08-2022 - 23:15

Last modified

16-08-2022 - 17:13