First published: Tue Nov 14 2023(Updated: )
Improper authorization in some Zoom clients may allow an authorized user to conduct an escalation of privilege via network access.
Credit: security@zoom.us
Affected Software | Affected Version | How to fix |
---|---|---|
Zoom Meetings | <5.16.0 | |
Zoom Meetings | <5.16.0 | |
Zoom Meetings | <5.16.0 | |
Zoom Meetings | <5.16.0 | |
Zoom Meetings | <5.16.0 | |
Zoom Rooms | <5.16.0 | |
Zoom Rooms | <5.16.0 | |
Zoom Rooms | <5.16.0 | |
Zoom Rooms | <5.16.0 | |
Zoom Virtual Desktop Infrastructure | <5.14.13 | |
Zoom Virtual Desktop Infrastructure | >=5.15.0<5.15.11 | |
Zoom Zoom | <5.16.0 | |
Zoom Zoom | <5.16.0 | |
Zoom Zoom | <5.16.0 | |
Zoom Zoom | <5.16.0 | |
Zoom Zoom | <5.16.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-43582 is a vulnerability in some Zoom clients that allows an authorized user to conduct an escalation of privilege via network access.
Zoom Meetings (Android, iOS, Linux, macOS, Windows), Zoom Rooms (Android, iOS, macOS, Windows), and Zoom Virtual Desktop Infrastructure are affected by CVE-2023-43582.
CVE-2023-43582 has a severity rating of 8.8 (high).
An authorized user can exploit CVE-2023-43582 by leveraging improper authorization to escalate their privilege via network access.
You can find more information about CVE-2023-43582 in the Zoom security bulletin at the following URL: [https://explore.zoom.us/en/trust/security/security-bulletin/](https://explore.zoom.us/en/trust/security/security-bulletin/)