CVE-2024-24691: Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows - Improper Input Validation
First published: Wed Feb 14 2024(Updated: )
Improper input validation in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows may allow an unauthenticated user to conduct an escalation of privilege via network access.
Credit: security@zoom.us
| Affected Software | Affected Version | How to fix |
|---|---|---|
| =before version 5.16.5 | ||
| =before version 5.16.10 (excluding 5.14.14 and 5.15.12) | ||
| =before version 5.17.0 | ||
| =before version 5.16.5 | ||
| Zoom Zoom mobile apps | ||
| Zoom Zoom VDI Client | ||
| Zoom Zoom Rooms Client | ||
| Zoom Zoom Meeting SDKs |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/title
- agent/weakness
- agent/type
- agent/description
- agent/first-publish-date
- collector/nvd-api
- source/NVD
- agent/last-modified-date
- collector/bleeping-computer
- source/BleepingComputer
- alias/CVE-2024-24691
- agent/severity
- collector/epss-latest
- source/FIRST
- agent/epss
- collector/the-register
- source/The Register
- alias/CVE-2024-24690
- alias/CVE-2024-24695
- alias/CVE-2024-24696
- alias/CVE-2024-24697
- alias/CVE-2024-24698
- alias/CVE-2024-24699
- agent/references
- agent/softwarecombine
- agent/tags
- agent/event
- agent/news-ai
- agent/software-canonical-lookup
- vendor/zoom
- canonical/zoom zoom mobile apps
- canonical/zoom zoom vdi client
- canonical/zoom zoom rooms client
- canonical/zoom zoom meeting sdks