vulnerability

Zoom: CVE-2021-34412: Zoom for Windows Installer Local Privilege Escalation

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:L/AC:L/Au:N/C:P/I:P/A:P)	Sep 30, 2021	Nov 14, 2023	Jun 16, 2025

Severity

CVSS

(AV:L/AC:L/Au:N/C:P/I:P/A:P)

Published

Sep 30, 2021

Added

Nov 14, 2023

Modified

Jun 16, 2025

Description

During the installation process for all versions of the Zoom Client for Meetings for Windows before 5.4.0, it is possible to launch Internet Explorer. If the installer was launched with elevated privileges such as by SCCM this can result in a local privilege escalation.

Solution

zoom-zoom-upgrade-latest

References

CVE-2021-34412
https://attackerkb.com/topics/CVE-2021-34412
URL-https://explore.zoom.us/en/trust/security/security-bulletin

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today