Unverified Signature Vulnerability in Zoom Client for Windows Installer

Unverified Signature Vulnerability in Zoom Client for Windows Installer

CVE-2021-34420 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N

The Zoom Client for Meetings for Windows installer before version 5.5.4 does not properly verify the signature of files with .msi, .ps1, and .bat extensions. This could lead to a malicious actor installing malicious software on a customer’s computer.

Learn more about our Cis Benchmark Audit For Zoom.