Security & Vulnerability Researcher / Professional Penetration Tester

CVE-2021-34408 - Zoom - Improper Link Resolution Before File Access

Zoom MSI Installer Elevated Write Using A Junction - A user-writable directory created during the installation of the Zoom Client for Meetings for Windows version prior to version 5.3.2 can be redirected to another location using a junction. This would allow an attacker to overwrite files that a limited user would otherwise be unable to modify.

Zoom Security Bulletin ZSB-21004

buy me a coffee