CVE-2020-11469
First published: Wed Apr 01 2020(Updated: )
Zoom Client for Meetings through 4.6.8 on macOS copies runwithroot to a user-writable temporary directory during installation, which allows a local process (with the user's privileges) to obtain root access by replacing runwithroot.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Zoom Meetings | <=4.6.8 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this Zoom vulnerability?
The vulnerability ID for this Zoom vulnerability is CVE-2020-11469.
What is the severity of CVE-2020-11469?
The severity of CVE-2020-11469 is high with a CVSS score of 7.8.
How does CVE-2020-11469 affect Zoom?
CVE-2020-11469 affects Zoom Client for Meetings through version 4.6.8 on macOS.
What is the impact of CVE-2020-11469?
The impact of CVE-2020-11469 is that a local process with the user's privileges can obtain root access by replacing runwithroot.
How can I fix CVE-2020-11469?
To fix CVE-2020-11469, users should update their Zoom Client for Meetings to a version higher than 4.6.8.
- collector/nvd-index
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/tags
- agent/type
- agent/event
- agent/description
- vendor/zoom
- canonical/zoom meetings
- version/zoom meetings/4.6.8