Improper Restriction of Operations within the Bounds of a Memory Buffer in Zoom Clients

Bulletin: ZSB-23009
CVEID: CVE-2023-28601
CVSS Severity: Low
CVSS Score: 2
CVSS Vector String: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

Description:

Zoom for Windows clients prior to 5.14.0 contain an improper restriction of operations within the bounds of a memory buffer vulnerability. A malicious user may alter protected Zoom Client memory buffer potentially causing integrity issues within the Zoom Client.

Users can help keep themselves secure by applying current updates or downloading the latest Zoom software with all current security updates from https://zoom.us/download.

Affected Products:

Zoom for Windows clients before version 5.14.0

Source:

Reported by sim0nsecurity

Revision	Date	Description
1.0	06/13/2023	Initial Publication

Improper Restriction of Operations within the Bounds of a Memory Buffer in Zoom Clients

Subscribe for updates