CVE-2021-34410
First published: Mon Sep 27 2021(Updated: )
A user-writable application bundle unpacked during the install for all versions of the Zoom Plugin for Microsoft Outlook for Mac before 5.0.25611.0521 allows for privilege escalation to root.
Credit: security@zoom.us
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Zoom Zoom Plugin For Microsoft Outlook | <5.0.25611.0521 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this Zoom Plugin vulnerability?
The vulnerability ID for this Zoom Plugin vulnerability is CVE-2021-34410.
What is the title of this Zoom Plugin vulnerability?
The title of this Zoom Plugin vulnerability is 'A user-writable application bundle unpacked during the install for all versions of the Zoom Plugin for Microsoft Outlook for Mac before 5.0.25611.0521 allows for privilege escalation to root.'
What is the severity of CVE-2021-34410?
The severity of CVE-2021-34410 is high with a severity value of 7.8.
Which versions of the Zoom Plugin are affected by CVE-2021-34410?
All versions of the Zoom Plugin for Microsoft Outlook for Mac before 5.0.25611.0521 are affected by CVE-2021-34410.
How can privilege escalation to root be achieved through this Zoom Plugin vulnerability?
Privilege escalation to root can be achieved through this Zoom Plugin vulnerability by exploiting a user-writable application bundle that is unpacked during the installation process.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/severity
- agent/references
- agent/author
- agent/last-modified-date
- agent/description
- agent/first-publish-date
- agent/tags
- agent/event
- vendor/zoom
- canonical/zoom zoom plugin for microsoft outlook