CVE-2021-34408

Summary

The Zoom Client for Meetings for Windows in all versions before version 5.3.2 writes log files to a user writable directory as a privileged user during the installation or update of the client. This could allow for potential privilege escalation if a link was created between the user writable directory used and a non-user writable directory.

Affected Software

VendorProductVersion RangeStatus
n/aZoom Client for Meetings for WindowsAll versions of the Zoom Client for Meetings for Windows before version 5.3.2affected

Weaknesses

  • External Control of Filename or Path

ADP Enrichment

CVE Program Container

Additional References

References