CVE-2021-34411
First published: Mon Sep 27 2021(Updated: )
During the installation process forZoom Rooms for Conference Room for Windows before version 5.3.0 it is possible to launch Internet Explorer with elevated privileges. If the installer was launched with elevated privileges such as by SCCM this can result in a local privilege escalation.
Credit: security@zoom.us
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Zoom Rooms | <5.3.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2021-34411?
CVE-2021-34411 is a vulnerability that allows for local privilege escalation during the installation process of Zoom Rooms for Conference Room for Windows before version 5.3.0.
How can CVE-2021-34411 be exploited?
CVE-2021-34411 can be exploited by launching Internet Explorer with elevated privileges during the installation process of Zoom Rooms for Conference Room for Windows before version 5.3.0.
What is the severity of CVE-2021-34411?
CVE-2021-34411 has a severity rating of 7.8, which is considered high.
Which software versions are affected by CVE-2021-34411?
CVE-2021-34411 affects Zoom Rooms for Conference Room for Windows versions up to, but exclusive of, 5.3.0.
How can I fix CVE-2021-34411?
To fix CVE-2021-34411, update Zoom Rooms for Conference Room for Windows to version 5.3.0 or later.
- collector/nvd-index
- agent/references
- vendor/zoom
- canonical/zoom rooms