CVE-2022-22782
Summary
| CVE | CVE-2022-22782 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2022-04-28 15:15:00 UTC |
| Updated | 2023-08-08 14:21:00 UTC |
| Description | The Zoom Client for Meetings for Windows prior to version 5.9.7, Zoom Rooms for Conference Room for Windows prior to version 5.10.0, Zoom Plugins for Microsoft Outlook for Windows prior to version 5.10.3, and Zoom VDI Windows Meeting Clients prior to version 5.9.6; was susceptible to a local privilege escalation issue during the installer repair operation. A malicious actor could utilize this to potentially delete system level files or folders, causing integrity or availability issues on the user’s host machine. |
Risk And Classification
Problem Types: NVD-CWE-noinfo
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Zoom | Meetings | All | All | All | All |
| Application | Zoom | Rooms For Conference Rooms | All | All | All | All |
| Application | Zoom | Vdi Windows Meeting Clients | All | All | All | All |
| Application | Zoom | Zoom Plugin For Microsoft Outlook | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Security Bulletins | Zoom | MISC | explore.zoom.us | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
Vendor Comments And Credit
Discovery Credit
LEGACY: Zero Day Initiative
Legacy QID Mappings
- 376621 Zoom VDI Local privilege escalation Vulnerability (ZSB-22004)
- 376622 Zoom Plugins for Microsoft Outlook Local Privilege Escalation for Windows (ZSB-22004)
- 376623 Zoom Rooms Local privilege escalation Vulnerability (ZSB-22004)
- 376624 Zoom Client Local privilege escalation Vulnerability (ZSB-22004)