Vulnerability Details CVE-2022-28757
The Zoom Client for Meetings for macOS (Standard and for IT Admin) starting with version 5.7.3 and before 5.11.6 contains a vulnerability in the auto update process. A local low-privileged user could exploit this vulnerability to escalate their privileges to root.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 47.7%
CVSS Severity
CVSS v3 Score 8.8
References
Products affected by CVE-2022-28757
-
cpe:2.3:a:zoom:meetings:5.10.6
-
cpe:2.3:a:zoom:meetings:5.11.3
-
cpe:2.3:a:zoom:meetings:5.11.5
-
cpe:2.3:a:zoom:meetings:5.7.3
-
cpe:2.3:a:zoom:meetings:5.7.4
-
cpe:2.3:a:zoom:meetings:5.7.5
-
cpe:2.3:a:zoom:meetings:5.7.6
-
cpe:2.3:a:zoom:meetings:5.8.0
-
cpe:2.3:a:zoom:meetings:5.9.6