Privilege Escalation Vulnerability in Zoom for Windows Clients

Privilege Escalation Vulnerability in Zoom for Windows Clients

CVE-2023-34120 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Improper privilege management in Zoom for Windows, Zoom Rooms for Windows, and Zoom VDI for Windows clients before 5.14.0 may allow an authenticated user to potentially enable an escalation of privilege via local access. Users may potentially utilize higher level system privileges maintained by the Zoom client to spawn processes with escalated privileges.

Learn more about our Cis Benchmark Audit For Zoom.