Unrated severityNVD Advisory· Published Jan 9, 2023· Updated Apr 9, 2025
Insecure key generation for Zoom Rooms for macOS Clients
CVE-2022-36925
Description
Zoom Rooms for macOS clients before version 5.11.4 contain an insecure key generation mechanism. The encryption key used for IPC between the Zoom Rooms daemon service and the Zoom Rooms client was generated using parameters that could be obtained by a local low-privileged application. That key can then be used to interact with the daemon service to execute privileged functions and cause a local denial of service.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <5.11.4
- Zoom Video Communications Inc/Zoom Rooms for macOSv5Range: unspecified
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.