Zoom Desktop Client for Windows and Zoom Rooms for Windows - Improper Privilege Management

Bulletin: ZSB-23036
CVEID: CVE-2023-39211
CVSS Severity: High
CVSS Score: 8.8
CVSS Vector String: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Description:

Improper privilege management in Zoom Desktop Client for Windows and Zoom Rooms for Windows before version 5.15.5 may allow an authenticated user to enable an information disclosure via local access.

Users can help keep themselves secure by applying current updates or downloading the latest Zoom software with all current security updates from https://zoom.us/download.

Affected Products:

Zoom Desktop for Windows before version 5.15.5
Zoom Rooms for Windows before version 5.15.5

Source:

Reported by sim0nsecurity.

Revision	Date	Description
1.0	08/08/2023	Initial Publication

Zoom Desktop Client for Windows and Zoom Rooms for Windows - Improper Privilege Management

Subscribe for updates