Vulnerability in Zoom Meetings
CVE-2022-22786
The Zoom Client for Meetings for Windows before version 5.10.0 and Zoom Rooms for Conference Room for Windows before version 5.10.0, fails to properly check the installation version during the update process. This issue could be used in a…
EPSS: 0.015 (71.3th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 7.5 (High). Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H.
Affected products
- Zoom Meetings
- Zoom Rooms
- Zoom Video Communications Inc Client For Meetings Windows — versions unspecified
- Zoom Video Communications Inc Rooms For Conference Room Windows — versions unspecified
Weakness classification (CWE)
References
- security@zoom.us (x_refsource_MISC, Vendor Advisory)
Frequently asked questions
- What is CVE-2022-22786?
- CVE-2022-22786 is a high-severity vulnerability in Zoom Meetings, classified under Download of Code Without Integrity Check. CVSS score: 7.5/10. Published 2022-05-18.
- How severe is CVE-2022-22786?
- High severity. CVSS v3 base score is 7.5 out of 10.