Improper privilege management in Zoom for Windows, Zoom Rooms for Windows, and Zoom VDI for Windows clients before 5.14.0 may allow an authenticated user to potentially enable an escalation of privilege via local access. Users may potentially utilize higher level system privileges maintained by the Zoom client to spawn processes with escalated privileges.
References
Link | Resource |
---|---|
https://explore.zoom.us/en/trust/security/security-bulletin/ | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
21 Jun 2023, 20:54
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
CPE | cpe:2.3:a:zoom:virtual_desktop_infrastructure:*:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* |
|
CWE | NVD-CWE-noinfo | |
References | (MISC) https://explore.zoom.us/en/trust/security/security-bulletin/ - Vendor Advisory | |
First Time |
Zoom
Microsoft windows Microsoft Zoom virtual Desktop Infrastructure |
13 Jun 2023, 18:27
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-06-13 18:15
Updated : 2023-12-10 15:01
NVD link : CVE-2023-34120
Mitre link : CVE-2023-34120
CVE.ORG link : CVE-2023-34120
JSON object : View
Products Affected
microsoft
- windows
zoom
- virtual_desktop_infrastructure
CWE