What is CVE-2022-28751?

A high-severity vulnerability in the Zoom Client for Meetings on MacOS could allow local low-privileged users to escalate their privileges to root. Organizations should prioritize patching immediately.

What is the severity of CVE-2022-28751?

CVE-2022-28751 has a severity rating of HIGH with a CVSS base score of 8.8.

CVE-2022-28751 | Zoom

CVE-2022-28751 is a high-severity vulnerability affecting the Zoom Client for Meetings on MacOS, specifically versions prior to 5.11.3. This vulnerability allows a local low-privileged user to exploit weaknesses in the package signature validation process during updates, potentially escalating their privileges to root. With a CVSS score of 8.8, the urgency for organizations to address this vulnerability is critical.

The risk to organizations includes unauthorized access and system integrity compromise, making it essential for defenders to prioritize remediation efforts. The potential impacts are significant, covering confidentiality, integrity, and availability.

Currently, there are no known exploits in the wild, nor is this vulnerability included in the Known Exploited Vulnerabilities (KEV) catalog. However, organizations should not underestimate the risk associated with this vulnerability.

Organizations should prioritize patching immediately. The vendor has released an update to address this issue, and timely remediation will mitigate potential risks significantly.

Vulnerability Details

The Zoom Client for Meetings for MacOS (Standard and for IT Admin) before version 5.11.3 contains a vulnerability in the package signature validation during the update process. A local low-privileged user could exploit this vulnerability to escalate their privileges to root. The vulnerability is classified under CWE-347.

This vulnerability has been assigned a CVSS score of 8.8, indicating it is of high severity. The attack vector is local, and the attack complexity is low. Privileges required to exploit the vulnerability are low, and user interaction is not required.

The vulnerability impacts the confidentiality, integrity, and availability of the affected system, which emphasizes the necessity for prompt action.

Technical Analysis

The root cause of this vulnerability lies in the improper validation of package signatures during the update process. This flaw enables local low-privileged users to craft malicious updates that could be accepted by the client, leading to privilege escalation.

The attack vector is local, meaning that an attacker must have access to the affected system to exploit this vulnerability. The attack complexity is classified as low, indicating that the exploit can be executed without significant effort.

No user interaction is required for the attack, which further increases the risk. The impacts of a successful exploit are severe, with high confidentiality, integrity, and availability impacts, potentially leading to full system compromise.

Risk & Impact Analysis

Organizations utilizing the affected versions of the Zoom Client for Meetings face significant risks. The ability for a local user to escalate privileges to root can compromise entire systems, leading to unauthorized access to sensitive information.

The blast radius of this vulnerability is considerable, as it can affect any system running the outdated software. Given the high CVSS score, organizations should assess the potential for exploitation and prioritize patching within their security update cycles.

Urgency is heightened as the integrity and confidentiality of organizational data are at stake. Organizations should address this vulnerability in their priority patch cycle to prevent potential exploitation.

Exploitation Status

Signal	Status
Known Exploit	No
Public PoC	No
Actively Exploited	No
Ransomware Use	No

Affected Versions

All versions of the Zoom Client for Meetings on MacOS prior to version 5.11.3 are affected by this vulnerability. Organizations should ensure they upgrade to the latest version to mitigate this risk.

Mitigation & Remediation

To mitigate this vulnerability, organizations should upgrade their Zoom Client for Meetings to version 5.11.3 or later. If immediate updating is not possible, consider implementing the following workarounds:

1. Restrict local user privileges to prevent unauthorized access.

2. Monitor for unusual application behavior indicative of exploitation attempts.

3. Review and strengthen application security configurations.

For organizations looking for comprehensive security assessments, engaging in application security assessment can help identify and remediate similar vulnerabilities.

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

CVE ID	Title	Severity	Vulnerability Type	Published
CVE-2025-65418	CVE-2025-65418: High Vulnerability in docuFORM Managed Print Service Client	HIGH	Path Traversal	May 11, 2026
CVE-2025-65417	CVE-2025-65417: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	XSS	May 11, 2026
CVE-2025-65416	CVE-2025-65416: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Unrestricted File Upload	May 11, 2026
CVE-2025-65415	CVE-2025-65415: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Session Fixation	May 11, 2026
CVE-2025-61314	CVE-2025-61314: High Vulnerability in GmbH Mecury Managed Print Services	HIGH	XSS	May 11, 2026

CVE-2022-28751: High Vulnerability in Zoom Meetings