Update Your Zoom Rooms App Now: Latest Version Patches Critical Privilege Escalation Flaw

CVECVE-2023-43590
CVSScvssV3_1: 7.8
SourceCVE-2023-43590

Zoom Rooms for macOS versions prior to 5.16.0 are affected by a critical privilege escalation vulnerability. Attackers with local access on a targeted system could exploit this flaw to gain elevated privileges.

Zoom Rooms is a video conferencing software that allows users to host and join meetings and calls from conference rooms equipped with dedicated hardware. The issue arises in how the app handles internal links. A malicious actor able to access an unattended machine could craft a specially crafted link triggering an escalation of privileges when clicked.

Thankfully, Zoom has released an update, version 5.16.0, which patches this security hole. All Zoom Rooms for macOS users are strongly recommended to update immediately. To protect yourself, be sure to have your Zoom Rooms app set to automatically install updates. You can also manually check for updates by opening the app and selecting “Zoom Rooms > Check for Updates”. Staying vigilant about updating any software with a known vulnerability is key to maintaining good cybersecurity hygiene.

References