Zoom Rooms For Macos
Approved changes feed: RSS · Atom
cpe:2.3:a:zoom_video_communications_inc:zoom_rooms_for_macos:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Zoom Video Communications Inc (35e29925-d897-5a03-b7c4-27ce30ad5789) |
|---|---|
| Product | Zoom Rooms For Macos (5f0e16c0-1622-5d59-88f6-3e998c84a290) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2022-36927 |
vulnerable | 2026-06-03 14:47:41.060118 |
Local Privilege Escalation in Zoom Rooms for macOS Clients
HIGH (8.8)
Zoom Rooms for macOS clients before version 5.11.3 contain a local privilege escalation vulnerability. A local low-privileged user could exploit this vulnerability to escalate their privileges to root.
Published: 2023-01-09T00:00:00.000Z
Updated: 2025-04-09T14:31:47.826Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-36926 |
vulnerable | 2026-06-03 14:47:41.059741 |
Local Privilege Escalation in Zoom Rooms for macOS Clients
HIGH (8.8)
Zoom Rooms for macOS clients before version 5.11.3 contain a local privilege escalation vulnerability. A local low-privileged user could exploit this vulnerability to escalate their privileges to root.
Published: 2023-01-09T00:00:00.000Z
Updated: 2025-04-09T14:31:27.018Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-36925 |
vulnerable | 2026-06-03 14:47:41.058784 |
Insecure key generation for Zoom Rooms for macOS Clients
MEDIUM (4.4)
Zoom Rooms for macOS clients before version 5.11.4 contain an insecure key generation mechanism. The encryption key used for IPC between the Zoom Rooms daemon service and the Zoom Rooms client was generated using parameters that could be obtained by a local low-privileged application. That key can then be used to interact with the daemon service to execute privileged functions and cause a local denial of service.
Published: 2023-01-09T00:00:00.000Z
Updated: 2025-04-09T14:33:28.921Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.