Improper Input Validation

Bulletin: ZSB-23013
CVEID: CVE-2023-34121
CVSS Severity: Medium
CVSS Score: 4.9
CVSS Vector String: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:N/A:N

Description:

Improper input validation in the Zoom for Windows, Zoom Rooms, Zoom VDI Windows Meeting clients before 5.14.0 may allow an authenticated user to potentially enable an escalation of privilege via network access.

Users can help keep themselves secure by applying current updates or downloading the latest Zoom software with all current security updates from https://zoom.us/download.

Affected Products:

Zoom for Windows clients before version 5.14.0
Zoom Rooms client for Windows before version 5.14.0
Zoom VDI Windows Meeting clients before version 5.14.0

Source:

Reported by Mohit Rawat - ASPIA InfoTech

Revision	Date	Description
1.0	06/13/2023	Initial Publication

Improper Input Validation

Subscribe for updates