Zoom MSI Installer Elevated Write Using A Junction

Bulletin: ZSB-21004
CVEID: CVE-2021-34408
CVSS Severity: High
CVSS Score: 7
CVSS Vector String: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Description:

A user-writable directory created during the installation of the Zoom Client for Meetings for Windows version prior to version 5.3.2 can be redirected to another location using a junction. This would allow an attacker to overwrite files that a limited user would otherwise be unable to modify.

Users can help keep themselves secure by applying current updates or downloading the latest Zoom software with all current security updates from https://zoom.us/download.

Affected Products:

Zoom Client for Meetings for Windows prior to version 5.3.2

Source:

Reported by the Lockheed Martin Red Team

Revision	Date	Description
1.0	09/30/2021	Initial Publication

Zoom MSI Installer Elevated Write Using A Junction

Subscribe for updates