CVE-2021-34413
First published: Mon Sep 27 2021(Updated: )
All versions of the Zoom Plugin for Microsoft Outlook for MacOS before 5.3.52553.0918 contain a Time-of-check Time-of-use (TOC/TOU) vulnerability during the plugin installation process. This could allow a standard user to write their own malicious application to the plugin directory, allowing the malicious application to execute in a privileged context.
Credit: security@zoom.us
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Zoom Zoom Plugin For Microsoft Outlook | <5.3.52553.0918 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this Zoom Plugin for Microsoft Outlook vulnerability?
The vulnerability ID is CVE-2021-34413.
What is the affected software?
The affected software is the Zoom Plugin for Microsoft Outlook for MacOS versions before 5.3.52553.0918.
What is the severity of CVE-2021-34413?
The severity of CVE-2021-34413 is high with a score of 7.5.
What is the CWE (Common Weakness Enumeration) ID for this vulnerability?
The CWE ID for this vulnerability is 367.
How can I fix this vulnerability?
To fix this vulnerability, update the Zoom Plugin for Microsoft Outlook for MacOS to version 5.3.52553.0918 or later.
- collector/nvd-index
- agent/severity
- agent/references
- agent/weakness
- agent/author
- agent/tags
- agent/type
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/zoom
- canonical/zoom zoom plugin for microsoft outlook