CVE-2021-34420
Description
The Zoom Client for Meetings for Windows installer before version 5.5.4 does not properly verify the signature of files with .msi, .ps1, and .bat extensions. This could lead to a malicious actor installing malicious software on a customers computer.
Risk Information
Base Score
7.4
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
EPSS Score
Exploitation Probability
0.119
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2021-34420 are fixed in Zoom (x64) (5.15.7.20303) | Windows |
| Vulnerabilities CVE-2021-34420 are fixed in Zoom (5.15.7.20303) | Windows |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-332244 | Zoom (x64) (5.15.7.20303) |
| PATCH-332243 | Zoom (5.15.7.20303) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234