CVE-2022-28751

Summary

The Zoom Client for Meetings for MacOS (Standard and for IT Admin) before version 5.11.3 contains a vulnerability in the package signature validation during the update process. A local low-privileged user could exploit this vulnerability to escalate their privileges to root.

Affected Software

VendorProductVersion RangeStatus
Zoom Video Communications IncZoom Client for Meetings for MacOSunspecified < 5.11.3affected

Weaknesses

  • CWE-347: CWE-347 Improper Verification of Cryptographic Signature

ADP Enrichment

CVE Program Container

Additional References

References