Vulnerability in Zoom Meetings
CVE-2022-22781
The Zoom Client for Meetings for MacOS (Standard and for IT Admin) prior to version 5.9.6 failed to properly check the package version during the update process. This could lead to a malicious actor updating an unsuspecting user’s currentl…
EPSS: 0.004 (31.7th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 7.5 (High). Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H.
Affected products
- Zoom Meetings
- Zoom Video Communications Inc Client For Meetings Macos (Standard And It Admin) — versions unspecified
Weakness classification (CWE)
References
- security@zoom.us (x_refsource_MISC, Vendor Advisory)
Frequently asked questions
- What is CVE-2022-22781?
- CVE-2022-22781 is a high-severity vulnerability in Zoom Meetings, classified under Improper Validation of Integrity Check Value. CVSS score: 7.5/10. Published 2022-04-28.
- How severe is CVE-2022-22781?
- High severity. CVSS v3 base score is 7.5 out of 10.