Rewterz Threat Alert – APT Machete (APT-C-43) – Active IOCs
May 10, 2022Rewterz Threat Alert – APT29 Cozy Bear – Active IOCs
May 10, 2022Rewterz Threat Alert – APT Machete (APT-C-43) – Active IOCs
May 10, 2022Rewterz Threat Alert – APT29 Cozy Bear – Active IOCs
May 10, 2022Severity
High
Analysis Summary
CVE-2022-22782
Multiple Zoom products could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in the installer repair operation. By sending a specially-crafted request, an attacker could exploit this vulnerability to gain elevated privileges or delete system level files or folders
Impact
- Privilage Escalation
Indicators Of Compromise
CVE
- CVE-2022-22782
Affected Vendors
- Zoom
Affected Products
- Zoom Client for Meetings for Windows 4.9.7
- Zoom Rooms for Conference Room for Windows 5.10.0
- Zoom Plugins for Microsoft Outlook for Windows 5.10.3
- Zoom VDI Windows Meeting Clients 5.9.6
Remediation
Refer to Zoom Security Advisory for patch, upgrade or suggested workaround information.