Zoom Rooms
Monthly
Local privilege escalation in Zoom Rooms for Windows versions prior to 7.0.0 allows an authenticated user to gain elevated privileges through an untrusted search path weakness in the installer. The flaw (CWE-426) carries a CVSS 7.8 (High) rating with complete confidentiality, integrity, and availability impact, though EPSS exploitation probability is very low (0.01%) and there is no public exploit identified at time of analysis. CISA SSVC indicates no observed exploitation but total technical impact, making this a credible insider-threat or post-compromise escalation vector rather than an internet-facing risk.
Local privilege escalation in Zoom Rooms for Windows versions prior to 7.0.0 allows an authenticated user to gain elevated privileges through an untrusted search path weakness in the installer. The flaw (CWE-426) carries a CVSS 7.8 (High) rating with complete confidentiality, integrity, and availability impact, though EPSS exploitation probability is very low (0.01%) and there is no public exploit identified at time of analysis. CISA SSVC indicates no observed exploitation but total technical impact, making this a credible insider-threat or post-compromise escalation vector rather than an internet-facing risk.