CVE-2022-36929
First published: Mon Jan 09 2023(Updated: )
The Zoom Rooms Installer for Windows prior to 5.12.6 contains a local privilege escalation vulnerability. A local low-privileged user could exploit this vulnerability during the install process to escalate their privileges to the SYSTEM user.
Credit: security@zoom.us
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Zoom Rooms | <5.12.7 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2022-36929?
CVE-2022-36929 is a local privilege escalation vulnerability in the Zoom Rooms Installer for Windows prior to version 5.12.6.
Who is affected by CVE-2022-36929?
Any user running Zoom Rooms Installer for Windows versions prior to 5.12.6 is affected by CVE-2022-36929.
How does CVE-2022-36929 impact users?
CVE-2022-36929 allows a local low-privileged user to escalate their privileges to the SYSTEM user during the install process.
What is the severity of CVE-2022-36929?
CVE-2022-36929 has a severity score of 7.8, which is classified as high.
How can I fix CVE-2022-36929?
To fix CVE-2022-36929, users should update their Zoom Rooms Installer for Windows to version 5.12.6 or newer.
- collector/nvd-index
- vendor/zoom
- canonical/zoom rooms