Zoom Client’s - Exposure of Sensitive Information

Bulletin: ZSB-23039
CVEID: CVE-2023-39214
CVSS Severity: High
CVSS Score: 7.6
CVSS Vector String: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H

Description:

Exposure of sensitive information in Zoom Client's before version 5.15.5 may allow an authenticated user to enable a denial of service via network access.

Users can help keep themselves secure by applying current updates or downloading the latest Zoom software with all current security updates from https://zoom.us/download.

Affected Products:

Zoom Desktop Client for Windows before version 5.15.5
Zoom Desktop Client for macOS before version 5.15.5
Zoom Desktop Client for Linux before version 5.15.5
Zoom Mobile App for Android before version 5.15.5
Zoom Mobile App for iOS before version 5.15.5
Zoom Rooms for iPad before version 5.15.5
Zoom Rooms for Android before version 5.15.5
Zoom Rooms for Windows before version 5.15.5
Zoom Rooms for macOS before version 5.15.5

Source:

Reported by Zoom Offensive Security Team.

Revision	Date	Description
1.0	08/08/2023	Initial Publication

Zoom Client’s - Exposure of Sensitive Information

Subscribe for updates