QID 378079

Date Published: 2023-03-16

QID 378079: Zoom Client for Meetings Multiple Security Vulnerabilities (ZSB-23003)

Zoom provides video communications with a cloud platform for video and audio conferencing, chat, and webinars across mobile, desktop, and room systems.

Affected Versions:
Zoom Client for Meetings for IT Admin Windows installers before version 5.13.5 QID Detection Logic (Authenticated):
This authenticated QID detects vulnerable Zoom Client prior to version 5.13.5(Windows)

A local low-privileged user could exploit this vulnerability in an attack chain during the installation process to escalate their privileges to the SYSTEM user.

  • CVSS V3 rated as High - 7.8 severity.
  • CVSS V2 rated as Medium - 5.4 severity.
  • Solution
    Customers are advised to upgrade to Zoom Client 5.13.5(Windows) or later to remediate these vulnerabilities.

    CVEs related to QID 378079

    Software Advisories
    Advisory ID Software Component Link
    ZSB-23003 URL Logo explore.zoom.us/en/trust/security/security-bulletin/