CVE-2023-36538

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Jul 11, 2023

Updated: Jul 19, 2023

CWE ID 284

Summary

CVE-2023-36538 is a vulnerability affecting Zoom Rooms for Windows prior to version 5.15.0. An authenticated user can exploit improper access controls to gain elevated privileges locally, potentially leading to serious security consequences. By bypassing intended access restrictions, an attacker may install unauthorized software, change configurations, or access sensitive data. Organizations using Zoom Rooms for Windows are strongly advised to update to the latest version to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Zoom Rooms

Affected Vendors

Zoom Video Communications, Inc

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/r9Q-Sc
https://www.cve.org/CVERecord?id=CVE-2023-36538
https://nvd.nist.gov/vuln/detail/CVE-2023-36538

Back to Vulnerability Database