Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controller - Buffer Overflow

Bulletin: ZSB-24031
CVEID: CVE-2024-42436, CVE-2024-42437, CVE-2024-42438
CVSS Severity: Medium
CVSS Score: 6.5
CVSS Vector String: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Description:

Buffer overflow in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct a denial of service via network access.

Users can help keep themselves secure by applying the latest updates available at https://zoom.us/download.

Affected Products:

Zoom Workplace Desktop App for Windows before version 6.1.0
Zoom Workplace Desktop App for macOS before version 6.1.0
Zoom Workplace Desktop App for Linux before version 6.1.0
Zoom Workplace App for iOS before version 6.1.0
Zoom Workplace App for Android before version 6.1.0
Zoom Workplace VDI Client for Windows before version 6.0.11 (excluding 5.17.14)
Zoom Meeting SDK for Windows before version 6.1.0
Zoom Meeting SDK for macOS before version 6.1.0
Zoom Meeting SDK for iOS before version 6.1.0
Zoom Meeting SDK for Android before version 6.1.0
Zoom Rooms Client for Windows before version 6.1.0
Zoom Rooms Client for Mac before version 6.1.0
Zoom Rooms Client for iPad before version 6.1.0
Zoom Rooms Controller for Windows before version 6.1.0
Zoom Rooms Controller for macOS before version 6.1.0
Zoom Rooms Controller for Linux before version 6.1.0
Zoom Rooms Controller for Android before version 6.1.0

Source:

Reported by Zoom Offensive Security.

Revision	Date	Description
1.0	08/13/2024	Initial publication.

Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controller - Buffer Overflow

Subscribe for updates