CVE-2022-22788

The Zoom Opener installer is downloaded by a user from the Launch meeting page, when attempting to join a meeting without having the Zoom Meeting Client installed. The Zoom Opener installer for Zoom Client for Meetings before version 5.10.3 and Zoom Rooms for Conference Room for Windows before version 5.10.3 are susceptible to a DLL injection attack. This vulnerability could be used to run arbitrary code on the victims host.

CVSS v3 7.8 HIGH
CVSS v2.0 6.9 MEDIUM

7.8^/10

CVSS v3 : HIGH

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

6.9^/10

CVSS v2.0 : MEDIUM

Vector : AV:L/AC:M/Au:N/C:C/I:C/A:C

Exploitability : 3.4 / Impact : 10.0

Access Vector LOCAL

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
https://explore.zoom.us/en/trust/security/security-bulletin/	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:zoom:meetings::::::windows::*
	cpe:2.3:a:zoom:rooms::::::windows::*

History

27 Jun 2022, 17:54

Type	Values Removed	Values Added
First Time		Zoom rooms Zoom Zoom meetings
CWE		CWE-427
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : 6.9 v3 : 7.8
CPE		cpe:2.3:a:zoom:meetings::::::windows::* cpe:2.3:a:zoom:rooms::::::windows::*
References	~~(MISC) https://explore.zoom.us/en/trust/security/security-bulletin/ -~~	(MISC) https://explore.zoom.us/en/trust/security/security-bulletin/ - Vendor Advisory

15 Jun 2022, 21:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2022-06-15 21:15

Updated : 2023-12-10 14:22

NVD link : CVE-2022-22788

Mitre link : CVE-2022-22788

CVE.ORG link : CVE-2022-22788

JSON object : View

Products Affected

zoom

meetings
rooms

CWE

CWE-427

Uncontrolled Search Path Element

{"id": "CVE-2022-22788", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.9, "accessVector": "LOCAL", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.4, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}, {"type": "Secondary", "source": "security@zoom.us", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.2}]}, "published": "2022-06-15T21:15:09.243", "references": [{"url": "https://explore.zoom.us/en/trust/security/security-bulletin/", "tags": ["Vendor Advisory"], "source": "security@zoom.us"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-427"}]}], "descriptions": [{"lang": "en", "value": "The Zoom Opener installer is downloaded by a user from the Launch meeting page, when attempting to join a meeting without having the Zoom Meeting Client installed. The Zoom Opener installer for Zoom Client for Meetings before version 5.10.3 and Zoom Rooms for Conference Room for Windows before version 5.10.3 are susceptible to a DLL injection attack. This vulnerability could be used to run arbitrary code on the victims host."}, {"lang": "es", "value": "El instalador de Zoom Opener es descargado por un usuario desde la p\u00e1gina de inicio de reuniones, cuando intenta unirse a una reuni\u00f3n sin tener instalado el cliente de reuniones de Zoom. El instalador de Zoom Opener para Zoom Client for Meetings versiones anteriores a 5.10.3 y Zoom Rooms for Conference Room para Windows versiones anteriores a 5.10.3, son susceptibles de un ataque de inyecci\u00f3n de DLL. Esta vulnerabilidad podr\u00eda usarse para ejecutar c\u00f3digo arbitrario en el host de la v\u00edctima"}], "lastModified": "2022-06-27T17:54:05.253", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:zoom:meetings:*:*:*:*:*:windows:*:*", "vulnerable": true, "matchCriteriaId": "9A9C49F0-3217-457C-A0B1-7F5C8E8CEC75", "versionEndExcluding": "5.10.3"}, {"criteria": "cpe:2.3:a:zoom:rooms:*:*:*:*:*:windows:*:*", "vulnerable": true, "matchCriteriaId": "D23D8639-6B13-4EA7-AA8B-08F359466343", "versionEndExcluding": "5.10.3"}], "operator": "OR"}]}], "sourceIdentifier": "security@zoom.us"}