Vulnerability in Zoom Meetings
CVE-2021-34409
It was discovered that the installation packages of the Zoom Client for Meetings for MacOS (Standard and for IT Admin) installation before version 5.2.0, Zoom Client Plugin for Sharing iPhone/iPad before version 5.2.0, and Zoom Rooms for C…
EPSS: 0.002 (8.6th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 7.8 (High). Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H.
Affected products
- Zoom Meetings
- Zoom Rooms
- Zoom Screen_sharing
- Zoom Video Communications Inc Client For Meetings Macos (Standard And It Admin) — versions unspecified
- Zoom Video Communications Inc Client Plugin For Sharing Iphone/ipad — versions unspecified
- Zoom Video Communications Inc Rooms For Conference — versions unspecified
Weakness classification (CWE)
References
- security@zoom.us (x_refsource_MISC, Vendor Advisory)
Frequently asked questions
- What is CVE-2021-34409?
- CVE-2021-34409 is a high-severity vulnerability in Zoom Meetings, classified under Incorrect Permission Assignment for Critical Resource. CVSS score: 7.8/10. Published 2021-09-27.
- How severe is CVE-2021-34409?
- High severity. CVSS v3 base score is 7.8 out of 10.