First published: Tue Nov 14 2023(Updated: )
Insufficient control flow management in some Zoom clients may allow an authenticated user to conduct an information disclosure via network access.
|Affected Software||Affected Version||How to fix|
|Zoom Virtual Desktop Infrastructure||<5.14.13|
|Zoom Virtual Desktop Infrastructure||>=5.15.0<5.15.11|
CVE-2023-43588 is a vulnerability that allows an authenticated user to conduct information disclosure via network access in certain Zoom clients.
Zoom Meetings versions up to 5.16.0, Zoom Virtual Desktop Infrastructure versions up to 5.14.13 and versions between 5.15.0 and 5.15.11, as well as Zoom Zoom versions up to 5.16.0 are affected by CVE-2023-43588.
CVE-2023-43588 has a severity score of 6.5, which is considered medium.
An authenticated user can exploit CVE-2023-43588 by leveraging insufficient control flow management in certain Zoom clients to conduct an information disclosure through network access.
Yes, it is recommended to update to the latest version of the affected Zoom clients to mitigate CVE-2023-43588.