CVE-2023-36539: Weak Encryption
First published: Fri Jun 30 2023(Updated: )
Exposure of information intended to be encrypted by some Zoom clients may lead to disclosure of sensitive information.
Credit: security@zoom.us security@zoom.us
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Zoom Meetings | =5.15.0 | |
| Zoom Meetings | =5.15.0 | |
| Zoom Meetings | =5.15.0 | |
| Zoom Client for Meetings | =5.15.1 | |
| Zoom Rooms | =5.15.0 | |
| Zoom Rooms | =5.15.0 | |
| Zoom Rooms | =5.15.0 | |
| Zoom Video Software Development Kit | =1.8.0 | |
| Zoom | =5.15.0 | |
| Zoom | =5.15.0 | |
| Zoom Zoom Linux kernel | =5.15.0 | |
| Zoom | =5.15.0 | |
| Zoom | =5.15.0 | |
| Zoom | =5.15.1 | |
| Zoom poly ccx 700 firmware | =5.15.0 | |
| Zoom Poly CCX 700 | ||
| Poly CCX 600 firmware | =5.15.0 | |
| Poly CCX 600 | ||
| Zoom yealink vp59 firmware | =5.15.0 | |
| Zoom Yealink VP59 | ||
| Zoom Yealink MP54 Firmware | =5.15.0 | |
| Zoom Yealink MP54 Firmware | ||
| Zoom yealink mp56 firmware | =5.15.0 | |
| Zoom yealink mp56 | ||
| All of | ||
| Zoom poly ccx 700 firmware | =5.15.0 | |
| Zoom Poly CCX 700 | ||
| All of | ||
| Poly CCX 600 firmware | =5.15.0 | |
| Poly CCX 600 | ||
| All of | ||
| Zoom yealink vp59 firmware | =5.15.0 | |
| Zoom Yealink VP59 | ||
| All of | ||
| Zoom Yealink MP54 Firmware | ||
| Zoom Yealink MP54 Firmware | =5.15.0 | |
| All of | ||
| Zoom yealink mp56 | ||
| Zoom yealink mp56 firmware | =5.15.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of this Zoom vulnerability?
The vulnerability ID of this Zoom vulnerability is CVE-2023-36539.
What is the severity of CVE-2023-36539?
The severity of CVE-2023-36539 is high with a CVSS score of 7.5.
Which software versions are affected by CVE-2023-36539?
Zoom Meetings version 5.15.0, Zoom Meetings version 5.15.1, Zoom Rooms version 5.15.0, Zoom Video Software Development Kit version 1.8.0, and Zoom Zoom versions 5.15.0 and 5.15.1 are affected by CVE-2023-36539.
What is the impact of CVE-2023-36539?
CVE-2023-36539 may lead to the disclosure of sensitive information that was intended to be encrypted.
Is there a fix available for CVE-2023-36539?
Yes, a fix is available for CVE-2023-36539. It is recommended to update Zoom Meetings and Zoom Zoom to the latest version.
- agent/type
- agent/severity
- agent/references
- agent/event
- agent/first-publish-date
- agent/weakness
- agent/description
- agent/author
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- vendor/zoom
- canonical/zoom meetings
- version/zoom meetings/5.15.0
- canonical/zoom client for meetings
- version/zoom client for meetings/5.15.1
- canonical/zoom rooms
- version/zoom rooms/5.15.0
- canonical/zoom video software development kit
- version/zoom video software development kit/1.8.0
- canonical/zoom
- version/zoom/5.15.0
- canonical/zoom zoom linux kernel
- version/zoom zoom linux kernel/5.15.0
- version/zoom/5.15.1
- canonical/zoom poly ccx 700 firmware
- version/zoom poly ccx 700 firmware/5.15.0
- canonical/zoom poly ccx 700
- canonical/poly ccx 600 firmware
- version/poly ccx 600 firmware/5.15.0
- canonical/poly ccx 600
- canonical/zoom yealink vp59 firmware
- version/zoom yealink vp59 firmware/5.15.0
- canonical/zoom yealink vp59
- canonical/zoom yealink mp54 firmware
- version/zoom yealink mp54 firmware/5.15.0
- canonical/zoom yealink mp56 firmware
- version/zoom yealink mp56 firmware/5.15.0
- canonical/zoom yealink mp56