CVE-2022-22786

HIGH Year: 2022
CVSS v3 Score
8.8
High
CVSS v2 Score
6.8
Medium
Weakness Type
CWE-494
View all →

Vulnerability Description

The Zoom Client for Meetings for Windows before version 5.10.0 and Zoom Rooms for Conference Room for Windows before version 5.10.0, fails to properly check the installation version during the update process. This issue could be used in a more sophisticated attack to trick a user into downgrading their Zoom client to a less secure version.

Related Vulnerabilities

CVE-2018-19234

HIGH
CVSS:8.8(High)

The Miss Marple Updater Service in COMPAREX Miss Marple Enterprise Edition before 2.0 allows remote attackers to execute arbitrary code with SYSTEM privileges via vectors related to missing update val...

CWE-4942018

CVE-2018-4009

HIGH
CVSS:8.8(High)

An exploitable privilege escalation vulnerability exists in the Shimo VPN helper service due to improper validation of code signing. A user with local access can use this vulnerability to raise their ...

CWE-4942018

CVE-2019-12809

HIGH
CVSS:8.8(High)

Yes24ViewerX ActiveX Control 1.0.327.50126 and earlier versions contains a vulnerability that could allow remote attackers to download and execute arbitrary files by setting the arguments to the Activ...

CWE-4942019

CVE-2020-1210

HIGH
CVSS:8.8(High)

<p>A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnera...

CWE-4942020

CVE-2020-1576

HIGH
CVSS:8.8(High)

<p>A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnera...

CWE-4942020

CVE-2020-1595

HIGH
CVSS:8.8(High)

<p>A remote code execution vulnerability exists in Microsoft SharePoint where APIs aren't properly protected from unsafe data input. An attacker who successfully exploited the vulnerability could run ...

CWE-4942020