Zoom Rooms For Conference Room For Windows
by Zoom Video Communications, Inc.
CVEs (17)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-39212 | 0.00 | — | 0.00 | Aug 8, 2023 | Untrusted search path in Zoom Rooms for Windows before version 5.15.5 may allow an authenticated user to enable a denial of service via local access. | |||
| CVE-2023-36538 | 0.00 | — | 0.00 | Jul 11, 2023 | Improper access control in Zoom Rooms for Windows before version 5.15.0 may allow an authenticated user to enable an escalation of privilege via local access. | |||
| CVE-2023-36537 | 0.00 | — | 0.00 | Jul 11, 2023 | Improper privilege management in Zoom Rooms for Windows before version 5.14.5 may allow an authenticated user to enable an escalation of privilege via local access. | |||
| CVE-2023-36536 | 0.00 | — | 0.00 | Jul 11, 2023 | Untrusted search path in the installer for Zoom Rooms for Windows before version 5.15.0 may allow an authenticated user to enable an escalation of privilege via local access. | |||
| CVE-2023-34119 | 0.00 | — | 0.00 | Jul 11, 2023 | Insecure temporary file in the installer for Zoom Rooms for Windows before version 5.15.0 may allow an authenticated user to enable an escalation of privilege via local access. | |||
| CVE-2023-34118 | 0.00 | — | 0.00 | Jul 11, 2023 | Improper privilege management in Zoom Rooms for Windows before version 5.14.5 may allow an authenticated user to enable an escalation of privilege via local access. | |||
| CVE-2023-22880 | 0.00 | — | 0.01 | Mar 16, 2023 | Zoom for Windows clients before version 5.13.3, Zoom Rooms for Windows clients before version 5.13.5 and Zoom VDI for Windows clients before 5.13.1 contain an information disclosure vulnerability. A recent update to the Microsoft Edge WebView2 runtime used by the affected Zoom… | |||
| CVE-2022-36930 | 0.00 | — | 0.00 | Jan 9, 2023 | Zoom Rooms for Windows installers before version 5.13.0 contain a local privilege escalation vulnerability. A local low-privileged user could exploit this vulnerability in an attack chain to escalate their privileges to the SYSTEM user. | |||
| CVE-2022-36929 | 0.00 | — | 0.00 | Jan 9, 2023 | The Zoom Rooms Installer for Windows prior to 5.12.6 contains a local privilege escalation vulnerability. A local low-privileged user could exploit this vulnerability during the install process to escalate their privileges to the SYSTEM user. | |||
| CVE-2022-28766 | 0.00 | — | 0.01 | Nov 17, 2022 | Windows 32-bit versions of the Zoom Client for Meetings before 5.12.6 and Zoom Rooms for Conference Room before version 5.12.6 are susceptible to a DLL injection vulnerability. A local low-privileged user could exploit this vulnerability to run arbitrary code in the context of… | |||
| CVE-2022-28764 | 0.00 | — | 0.00 | Nov 14, 2022 | The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.12.6 is susceptible to a local information exposure vulnerability. A failure to clear data from a local SQL database after a meeting ends and the usage of an insufficiently secure… | |||
| CVE-2022-28763 | 0.00 | — | 0.01 | Oct 31, 2022 | The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.12.2 is susceptible to a URL parsing vulnerability. If a malicious Zoom meeting URL is opened, the malicious link may direct the user to connect to an arbitrary network address, leading… | |||
| CVE-2022-28752 | 0.00 | — | 0.00 | Aug 17, 2022 | Zoom Rooms for Conference Rooms for Windows versions before 5.11.0 are susceptible to a Local Privilege Escalation vulnerability. A local low-privileged malicious user could exploit this vulnerability to escalate their privileges to the SYSTEM user. | |||
| CVE-2022-22788 | 0.00 | — | 0.01 | Jun 15, 2022 | The Zoom Opener installer is downloaded by a user from the Launch meeting page, when attempting to join a meeting without having the Zoom Meeting Client installed. The Zoom Opener installer for Zoom Client for Meetings before version 5.10.3 and Zoom Rooms for Conference Room for… | |||
| CVE-2022-22786 | 0.00 | — | 0.02 | May 18, 2022 | The Zoom Client for Meetings for Windows before version 5.10.0 and Zoom Rooms for Conference Room for Windows before version 5.10.0, fails to properly check the installation version during the update process. This issue could be used in a more sophisticated attack to trick a… | |||
| CVE-2022-22782 | 0.00 | — | 0.00 | Apr 28, 2022 | The Zoom Client for Meetings for Windows prior to version 5.9.7, Zoom Rooms for Conference Room for Windows prior to version 5.10.0, Zoom Plugins for Microsoft Outlook for Windows prior to version 5.10.3, and Zoom VDI Windows Meeting Clients prior to version 5.9.6; was… | |||
| CVE-2021-34409 | 0.00 | — | 0.00 | Sep 27, 2021 | It was discovered that the installation packages of the Zoom Client for Meetings for MacOS (Standard and for IT Admin) installation before version 5.2.0, Zoom Client Plugin for Sharing iPhone/iPad before version 5.2.0, and Zoom Rooms for Conference before version 5.1.0, copy… |
- CVE-2023-39212Aug 8, 2023risk 0.00cvss —epss 0.00
Untrusted search path in Zoom Rooms for Windows before version 5.15.5 may allow an authenticated user to enable a denial of service via local access.
- CVE-2023-36538Jul 11, 2023risk 0.00cvss —epss 0.00
Improper access control in Zoom Rooms for Windows before version 5.15.0 may allow an authenticated user to enable an escalation of privilege via local access.
- CVE-2023-36537Jul 11, 2023risk 0.00cvss —epss 0.00
Improper privilege management in Zoom Rooms for Windows before version 5.14.5 may allow an authenticated user to enable an escalation of privilege via local access.
- CVE-2023-36536Jul 11, 2023risk 0.00cvss —epss 0.00
Untrusted search path in the installer for Zoom Rooms for Windows before version 5.15.0 may allow an authenticated user to enable an escalation of privilege via local access.
- CVE-2023-34119Jul 11, 2023risk 0.00cvss —epss 0.00
Insecure temporary file in the installer for Zoom Rooms for Windows before version 5.15.0 may allow an authenticated user to enable an escalation of privilege via local access.
- CVE-2023-34118Jul 11, 2023risk 0.00cvss —epss 0.00
Improper privilege management in Zoom Rooms for Windows before version 5.14.5 may allow an authenticated user to enable an escalation of privilege via local access.
- CVE-2023-22880Mar 16, 2023risk 0.00cvss —epss 0.01
Zoom for Windows clients before version 5.13.3, Zoom Rooms for Windows clients before version 5.13.5 and Zoom VDI for Windows clients before 5.13.1 contain an information disclosure vulnerability. A recent update to the Microsoft Edge WebView2 runtime used by the affected Zoom…
- CVE-2022-36930Jan 9, 2023risk 0.00cvss —epss 0.00
Zoom Rooms for Windows installers before version 5.13.0 contain a local privilege escalation vulnerability. A local low-privileged user could exploit this vulnerability in an attack chain to escalate their privileges to the SYSTEM user.
- CVE-2022-36929Jan 9, 2023risk 0.00cvss —epss 0.00
The Zoom Rooms Installer for Windows prior to 5.12.6 contains a local privilege escalation vulnerability. A local low-privileged user could exploit this vulnerability during the install process to escalate their privileges to the SYSTEM user.
- CVE-2022-28766Nov 17, 2022risk 0.00cvss —epss 0.01
Windows 32-bit versions of the Zoom Client for Meetings before 5.12.6 and Zoom Rooms for Conference Room before version 5.12.6 are susceptible to a DLL injection vulnerability. A local low-privileged user could exploit this vulnerability to run arbitrary code in the context of…
- CVE-2022-28764Nov 14, 2022risk 0.00cvss —epss 0.00
The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.12.6 is susceptible to a local information exposure vulnerability. A failure to clear data from a local SQL database after a meeting ends and the usage of an insufficiently secure…
- CVE-2022-28763Oct 31, 2022risk 0.00cvss —epss 0.01
The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.12.2 is susceptible to a URL parsing vulnerability. If a malicious Zoom meeting URL is opened, the malicious link may direct the user to connect to an arbitrary network address, leading…
- CVE-2022-28752Aug 17, 2022risk 0.00cvss —epss 0.00
Zoom Rooms for Conference Rooms for Windows versions before 5.11.0 are susceptible to a Local Privilege Escalation vulnerability. A local low-privileged malicious user could exploit this vulnerability to escalate their privileges to the SYSTEM user.
- CVE-2022-22788Jun 15, 2022risk 0.00cvss —epss 0.01
The Zoom Opener installer is downloaded by a user from the Launch meeting page, when attempting to join a meeting without having the Zoom Meeting Client installed. The Zoom Opener installer for Zoom Client for Meetings before version 5.10.3 and Zoom Rooms for Conference Room for…
- CVE-2022-22786May 18, 2022risk 0.00cvss —epss 0.02
The Zoom Client for Meetings for Windows before version 5.10.0 and Zoom Rooms for Conference Room for Windows before version 5.10.0, fails to properly check the installation version during the update process. This issue could be used in a more sophisticated attack to trick a…
- CVE-2022-22782Apr 28, 2022risk 0.00cvss —epss 0.00
The Zoom Client for Meetings for Windows prior to version 5.9.7, Zoom Rooms for Conference Room for Windows prior to version 5.10.0, Zoom Plugins for Microsoft Outlook for Windows prior to version 5.10.3, and Zoom VDI Windows Meeting Clients prior to version 5.9.6; was…
- CVE-2021-34409Sep 27, 2021risk 0.00cvss —epss 0.00
It was discovered that the installation packages of the Zoom Client for Meetings for MacOS (Standard and for IT Admin) installation before version 5.2.0, Zoom Client Plugin for Sharing iPhone/iPad before version 5.2.0, and Zoom Rooms for Conference before version 5.1.0, copy…