Security Bulletins

Zoom does not provide guidance on vulnerability impacts to individual customers due to a Zoom Security Bulletin or provide additional details about a vulnerability. We recommend users to update to the latest version of Zoom software in order to get the latest fixes and security improvements.

severityFilters apply upon selection
Type
Type
ZSB Title Severity CVE Date Published Date Updated
ZSB-24026 Zoom Workplace Apps and SDKs - Improper Privilege Management Medium CVE-2024-39819 07/09/2024 07/11/2024
ZSB-24028 Zoom Workplace App for Windows and Zoom Rooms App for Windows - Race Condition Medium CVE-2024-39821 07/09/2024 07/09/2024
ZSB-24027 Zoom Workplace Desktop App for macOS - Uncontrolled Search Path Element Medium CVE-2024-39820 07/09/2024 07/09/2024
ZSB-24024 Zoom Workplace Desktop App for Windows - Improper Input Validation Medium CVE-2024-39827 07/09/2024 07/09/2024
ZSB-24023 Zoom Workplace Apps and SDKs - Path traversal Medium CVE-2024-39826 07/09/2024 07/09/2024
ZSB-24021 Zoom Apps and SDKs - Race Condition Medium CVE-2024-27238 07/09/2024 07/09/2024
ZSB-24020 Zoom Apps and SDKs - Improper Input Validation Medium CVE-2024-27241 07/09/2024 07/09/2024
ZSB-24019 Zoom Apps for Windows - Improper Input Validation High CVE-2024-27240 07/09/2024 07/09/2024
ZSB-24018 Zoom Workplace Apps and SDKs - Divide By Zero Medium CVE-2024-27239 06/11/2024 06/17/2024
ZSB-24017 Zoom Workplace Apps and SDKs - Use After Free Medium CVE-2024-27246 06/11/2024 06/17/2024
ZSB-24016 Zoom Workplace Apps and SDKs - Buffer Overflow Medium CVE-2024-27245 06/11/2024 06/17/2024
ZSB-24015 Zoom Workplace VDI App for Windows - Insufficient Verification of Data Authenticity Medium CVE-2024-27244 05/14/2024 05/14/2024
ZSB-24014 Zoom Apps - Buffer Overflow Medium CVE-2024-27243 05/14/2024 05/14/2024
ZSB-24013 Zoom Desktop Client for Linux - Cross Site Scripting Low CVE-2024-27242 04/09/2024 04/09/2024
ZSB-24012 Zoom Desktop Client for macOS - Improper Privilege Management Medium CVE-2024-27247 04/09/2024 04/09/2024
ZSB-24011 Zoom Desktop Client for Windows - Improper Privilege Management Medium CVE-2024-24694 04/09/2024 04/09/2024
ZSB-24010 Zoom Rooms Client for Windows - Improper Access Control High CVE-2024-24693 03/12/2024 03/13/2024
ZSB-24009 Zoom Rooms Client for Windows - Race Condition Medium CVE-2024-24692 03/12/2024 03/12/2024
ZSB-24008 Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows - Improper Input Validation Critical CVE-2024-24691 02/13/2024 02/13/2024
ZSB-24007 Zoom Clients - Improper Input Validation Medium CVE-2024-24690 02/13/2024 02/13/2024
ZSB-24006 Zoom Clients - Business Logic Error Medium CVE-2024-24699 02/13/2024 02/13/2024
ZSB-24005 Zoom Clients - Improper Authentication Medium CVE-2024-24698 02/13/2024 02/13/2024
ZSB-24004 Zoom Clients - Untrusted Search Path High CVE-2024-24697 02/13/2024 02/13/2024
ZSB-24003 Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows - Improper Input Validation Medium CVE-2024-24696 02/13/2024 02/13/2024
ZSB-24002 Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows - Improper Input Validation Medium CVE-2024-24695 02/13/2024 02/13/2024
ZSB-24001 Zoom Desktop Client for Windows, Zoom VDI Client for Windows and Zoom SDKs for Windows- Improper Access Control High CVE-2023-49647 01/09/2024 01/09/2024
ZSB-23062 Zoom Clients - Improper Authentication Medium CVE-2023-49646 12/12/2023 12/12/2023
ZSB-23059 Zoom Desktop Client for Windows, Zoom VDI Client for Windows and Zoom SDKs for Windows - Path Traversal High CVE-2023-43586 12/12/2023 12/12/2023
ZSB-23058 Zoom Mobile App for iOS and SDKs for iOS - Improper Access Control High CVE-2023-43585 12/12/2023 12/12/2023
ZSB-23056 Zoom Mobile App for Android, Zoom Mobile App for iOS and Zoom SDKs - Cryptographic Issues Medium CVE-2023-43583 12/12/2023 12/12/2023
ZSB-23055 Zoom Clients - Improper Authorization Medium CVE-2023-43582 11/14/2023 11/14/2023
ZSB-23054 Zoom Rooms for macOS - Improper Privilege Management High CVE-2023-43591 11/14/2023 11/14/2023
ZSB-23053 Zoom Rooms for macOS - Link Following High CVE-2023-43590 11/14/2023 11/14/2023
ZSB-23052 Zoom Clients - Insufficient Control Flow Management Low CVE-2023-43588 11/14/2023 11/14/2023
ZSB-23051 ZoomClients - Cryptographic Issues Medium CVE-2023-39199 11/14/2023 11/14/2023
ZSB-23050 Zoom Clients - Buffer Overflow Low CVE-2023-39206 11/14/2023 11/14/2023
ZSB-23049 Zoom Clients - Improper Conditions Check Medium CVE-2023-39205 11/14/2023 11/14/2023
ZSB-23048 Zoom Clients - Buffer Overflow Medium CVE-2023-39204 11/14/2023 11/14/2023
ZSB-23047 Zoom Desktop Client for Windows and Zoom VDI Client - Uncontrolled Resource Consumption Medium CVE-2023-39203 11/14/2023 11/14/2023
ZSB-23045 CleanZoom - Untrusted Search Path High CVE-2023-39201 09/12/2023 09/12/2023
ZSB-23043 Zoom Desktop Client for Linux - Improper Input Validation Medium CVE-2023-39208 09/12/2023 09/12/2023
ZSB-23040 Zoom Clients - Improper Authentication High CVE-2023-39215 09/12/2023 09/12/2023
ZSB-23041 Zoom Desktop Client for Windows - Improper Input Validation Medium CVE-2023-39209 08/08/2023 08/08/2023
ZSB-23039 Zoom Client’s - Exposure of Sensitive Information High CVE-2023-39214 08/08/2023 08/08/2023
ZSB-23038 Zoom Desktop Client for Windows and Zoom VDI Client - Improper Neutralization of Special Elements Critical CVE-2023-39213 08/08/2023 08/08/2023
ZSB-23037 Zoom Rooms for Windows - Untrusted Search Path High CVE-2023-39212 08/08/2023 08/08/2023
ZSB-23036 Zoom Desktop Client for Windows and Zoom Rooms for Windows - Improper Privilege Management High CVE-2023-39211 08/08/2023 08/08/2023
ZSB-23035 Zoom Client SDK for Windows - Clear text Storage of Sensitive Information Medium CVE-2023-39210 08/08/2023 08/08/2023
ZSB-23034 Zoom Clients - Client-Side Enforcement of Server-Side Security Medium CVE-2023-39218 08/08/2023 08/08/2023
ZSB-23033 Zoom Client’s - Improper Input Validation Medium CVE-2023-39217 08/08/2023 08/08/2023
ZSB-23032 Zoom Desktop Client for Windows - Improper Input Validation Critical CVE-2023-39216 08/08/2023 08/08/2023
ZSB-23031 Zoom Clients - Client-Side Enforcement of Server-Side Security High CVE-2023-36535 08/08/2023 08/08/2023
ZSB-23030 Zoom Desktop Client for Windows - Path Traversal Critical CVE-2023-36534 08/08/2023 08/08/2023
ZSB-23029 Zoom SDK’s - Uncontrolled Resource Consumption High CVE-2023-36533 08/08/2023 08/08/2023
ZSB-23028 Zoom Clients - Buffer Overflow Medium CVE-2023-36532 08/08/2023 08/08/2023
ZSB-23027 Zoom Desktop Client for Windows - Insufficient Verification of Data Authenticity High CVE-2023-36541 08/08/2023 08/08/2023
ZSB-23026 Zoom Desktop Client for Windows - Untrusted Search Path High CVE-2023-36540 08/08/2023 08/08/2023
ZSB-23024 Improper Access Control High CVE-2023-36538 07/11/2023 07/11/2023
ZSB-23023 Improper Privilege Management High CVE-2023-36537 07/11/2023 07/11/2023
ZSB-23022 Untrusted Search Path High CVE-2023-36536 07/11/2023 07/11/2023
ZSB-23021 Insecure Temporary File High CVE-2023-34119 07/11/2023 07/11/2023
ZSB-23020 Improper Privilege Management High CVE-2023-34118 07/11/2023 07/11/2023
ZSB-23019 Relative Path Traversal Low CVE-2023-34117 07/11/2023 07/11/2023
ZSB-23018 Improper Input Validation High CVE-2023-34116 07/11/2023 07/11/2023
ZSB-23025 Exposure of Sensitive Information Medium CVE-2023-36539 06/29/2023 06/29/2023
ZSB-23017 Buffer Copy without Checking Size of Input Medium CVE-2023-34115 06/13/2023 06/13/2023
ZSB-23016 Exposure of Resource to Wrong Sphere Medium CVE-2023-34114 06/13/2023 06/13/2023
ZSB-23015 Insufficient Verification of Data Authenticity High CVE-2023-34113 06/13/2023 06/13/2023
ZSB-23014 Improper Input Validation High CVE-2023-34122 06/13/2023 06/13/2023
ZSB-23013 Improper Input Validation Medium CVE-2023-34121 06/13/2023 06/13/2023
ZSB-23012 Improper Privilege Management High CVE-2023-34120 06/13/2023 06/13/2023
ZSB-23011 Improper Access Control in Zoom VDI Client Installer High CVE-2023-28603 06/13/2023 06/13/2023
ZSB-23010 Improper Verification of Cryptographic Signature in Zoom Clients Low CVE-2023-28602 06/13/2023 06/13/2023
ZSB-23009 Improper Restriction of Operations within the Bounds of a Memory Buffer in Zoom Clients Low CVE-2023-28601 06/13/2023 06/13/2023
ZSB-23008 Improper access control in Zoom Clients Medium CVE-2023-28600 06/13/2023 06/13/2023
ZSB-23007 HTML Injection vulnerability in Zoom Clients Medium CVE-2023-28599 06/13/2023 06/13/2023
ZSB-23006 HTML injection in Zoom Linux Clients High CVE-2023-28598 06/13/2023 06/13/2023
ZSB-23005 Improper trust boundary implementation for SMB in Zoom Clients [Updated 2023-04-07] High CVE-2023-28597 03/14/2023 04/07/2023
ZSB-23004 Local Privilege Escalation in Zoom for macOS Installers Medium CVE-2023-28596 03/14/2023 03/14/2023
ZSB-23003 Local Privilege Escalation in Zoom for Windows Installers High CVE-2023-22883 03/14/2023 03/14/2023

No results found. 

The official text for Zoom Security Bulletins is English. Translations are provided for your convenience and Zoom does not make any promises, assurances, or guarantees as to the accuracy of these translations.