vulnerability

Zoom Zoom: CVE-2021-34412: Zoom for Windows Installer Local Privilege Escalation

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:L/AC:L/Au:N/C:P/I:P/A:P)	Sep 30, 2021	Nov 14, 2023	Feb 9, 2026

Severity

CVSS

(AV:L/AC:L/Au:N/C:P/I:P/A:P)

Published

Sep 30, 2021

Added

Nov 14, 2023

Modified

Feb 9, 2026

Description

During the installation process for all versions of the Zoom Client for Meetings for Windows before 5.4.0, it is possible to launch Internet Explorer. If the installer was launched with elevated privileges such as by SCCM this can result in a local privilege escalation.Users can help keep themselves secure by applying current updates or downloading the latest Zoom software with all current security updates fromhttps://zoom.us/download.

Solution

zoom-zoom-upgrade-latest

References

CVE-2021-34412
https://attackerkb.com/topics/CVE-2021-34412
URL-https://www.zoom.com/en/trust/security-bulletin/ZSB-21008
CWE-269

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today