CVE-2023-34119
11.07.2023, 18:15
Insecure temporary file in the installer for Zoom Rooms for Windowsbefore version 5.15.0 may allow an authenticated user to enable an escalation of privilege via local access.Enginsight
| Vendor | Product | Version |
|---|---|---|
| zoom | rooms | 𝑥 < 5.15.0 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-426 - Untrusted Search PathThe application searches for critical resources using an externally-supplied search path that can point to resources that are not under the application's direct control.
- CWE-668 - Exposure of Resource to Wrong SphereThe product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.