Zoom Desktop Client for Windows - Improper Input Validation

Bulletin: ZSB-23041
CVEID: CVE-2023-39209
CVSS Severity: Medium
CVSS Score: 5.9
CVSS Vector String: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:L

Description:

Improper input validation in Zoom Desktop Client for Windows before version 5.15.5 may allow an authenticated user to enable an information disclosure via network access.

Users can help keep themselves secure by applying current updates or downloading the latest Zoom software with all current security updates from https://zoom.us/download.

Affected Products:

Zoom Desktop Client for Windows before version 5.15.5

Source:

Reported by Zoom Offensive Security Team.

Revision	Date	Description
1.0	08/08/2023	Initial Publication

Zoom Desktop Client for Windows - Improper Input Validation

Subscribe for updates