CVE-2022-36927
published 2023-01-09CVE-2022-36927: Zoom Rooms for macOS clients before version 5.11.3 contain a local privilege escalation vulnerability. A local low-privileged user could exploit this…
PriorityP339high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
EPSS
0.21%
10.9th percentile
Zoom Rooms for macOS clients before version 5.11.3 contain a local privilege escalation vulnerability. A local low-privileged user could exploit this vulnerability to escalate their privileges to root.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| zoom | rooms | < 5.11.3 | 5.11.3 |
| zoom_video_communications_inc | zoom_rooms_for_macos | >= unspecified < 5.11.3 | 5.11.3 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
Zoom Rooms up to 5.11.2 on macOS toctou (EUVD-2022-39585)
vuldb·2026-06-18·CVSS 7.8
CVE-2022-36927 [HIGH] Zoom Rooms up to 5.11.2 on macOS toctou (EUVD-2022-39585)
A vulnerability was found in Zoom Rooms up to 5.11.2 on macOS. It has been declared as very critical. This affects an unknown function. Executing a manipulation can lead to time-of-check time-of-use.
This vulnerability is registered as CVE-2022-36927. It is possible to launch the attack remotely. No exploit is available.
It is recommended to upgrade the affected component.
GHSA
GHSA-3wc2-c7g8-w9pm: Zoom Rooms for macOS clients before version 5
ghsa_unreviewed·2023-01-09
CVE-2022-36927 [HIGH] GHSA-3wc2-c7g8-w9pm: Zoom Rooms for macOS clients before version 5
Zoom Rooms for macOS clients before version 5.11.3 contain a local privilege escalation vulnerability. A local low-privileged user could exploit this vulnerability to escalate their privileges to root.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2023-01-09
Published