Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Zoom Windows installation executable signature bypass
Vulnerability Description
The Zoom Client for Meetings for Windows installer before version 5.5.4 does not properly verify the signature of files with .msi, .ps1, and .bat extensions. This could lead to a malicious actor installing malicious software on a customer’s computer.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
Vulnerability Type
N/A
Vulnerability Title
Zoom Client 数据伪造问题漏洞
Vulnerability Description
ZOOM Client是美国ZOOM公司的一款支持多种平台的视频会议客户端应用程序。 Zoom Client for Meetings 5.5.4之前版本的windows 安装程序存在数据伪造问题漏洞,该漏洞源于未正确验证扩展名为.msi、.ps1和.bat的文件的签名。攻击者可利用该漏洞在客户的计算机上安装恶意软件。
CVSS Information
N/A
Vulnerability Type
N/A