Zoom Desktop Client for Windows - Insufficient Verification of Data Authenticity

Bulletin: ZSB-23027
CVEID: CVE-2023-36541
CVSS Severity: High
CVSS Score: 8
CVSS Vector String: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Description:

Insufficient verification of data authenticity in Zoom Desktop Client for Windows before version 5.14.5 may allow an authenticated user to enable an escalation of privilege via network access.

Users can help keep themselves secure by applying current updates or downloading the latest Zoom software with all current security updates from https://zoom.us/download.

Affected Products:

Zoom Desktop Client for Windows before version 5.14.5

Source:

Reported by sim0nsecurity.

Revision	Date	Description
1.0	08/08/2023	Initial Publication

Zoom Desktop Client for Windows - Insufficient Verification of Data Authenticity

Subscribe for updates