Path Traversal in Zoom for Android Clients

Bulletin: ZSB-22033
CVEID: CVE-2022-36928
CVSS Severity: Medium
CVSS Score: 6.1
CVSS Vector String: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N

Description:

Zoom for Android clients before version 5.13.0 contain a path traversal vulnerability. A third party app could exploit this vulnerability to read and write to the Zoom application data directory.

Users can help keep themselves secure by applying current updates or downloading the latest Zoom software with all current security updates from https://zoom.us/download.

Affected Products:

Zoom for Android clients before version 5.13.0

Source:

Reported by Dimitrios Valsamaras of Microsoft

Revision	Date	Description
1.0	01/06/2023	Initial Publication

Path Traversal in Zoom for Android Clients

Subscribe for updates