Zoom Security Flaws let Attackers Escalate Privileges

Zoom has launched security patches for 6 high and 1 low severity vulnerabilities, allowing threat actors to escalate privileges and narrate gorgeous info.

The CVSS Rating of these vulnerabilities ranges between 3.3 (low) and eight.4 (Excessive).

CVE(s):

Excessive Severity Vulnerabilities

CVE-2023-36538: Execrable obtain admission to manage results in privilege escalation in Zoom rooms

This vulnerability exists due to downhearted obtain admission to manage on Zoom rooms in Zoom variations lower than 5.15.0, allowing an authenticated person to escalate privileges by task of native obtain admission to.

CVE-2023-36536: Untrusted search course results in privilege escalation

This vulnerability exists due to an untrusted search course in the installer of Zoom rooms sooner than model 5.15.0 which permits an authenticated person to escalate privileges by task of native obtain admission to.

CVE-2023-34119: Alarmed short file results in privilege escalation

This vulnerability exists due to an anxious file on the installer of Zoom rooms variations sooner than 5.15.0, allowing an authenticated person to escalate privileges by task of native obtain admission to.

CVE-2023-34116: Execrable input validation in Zoom results in privilege escalation

This vulnerability exists due to downhearted input validation in Zoom Desktop for Windows variations sooner than 5.15.0, allowing an authenticated person to escalate privileges by task of native obtain admission to.

The vulnerabilities are found and reported to Zoom by sim0nsecurity.

The above-mentioned are four of the very excellent-severity vulnerabilities which were mounted by Zoom and significant patches were launched.

For more info on the patches, Zoom has launched a security advisory for these vulnerabilities. Users are prompt to upgrade their Zoom variations to fix these vulnerabilities.