Latest Zoom Vulnerabilities

CVE-2024-24693
Zoom Rooms Client for Windows - Improper Access Control
Zoom Rooms<5.17.5
CVE-2024-24692
Zoom Rooms Client for Windows - Race Condition
Zoom Rooms<5.17.5
CVE-2024-24691
Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows - Improper Input Validation
=before version 5.16.5
=before version 5.16.10 (excluding 5.14.14 and 5.15.12)
=before version 5.17.0
=before version 5.16.5
Zoom Zoom mobile apps
and 3 more
CVE-2024-24690
Zoom Clients - Improper Input Validation
=before version 5.16.5
=before version 5.16.10 (excluding 5.14.14 and 5.15.12)
=before version 5.17.0
=before version 5.16.5
Zoom Zoom mobile apps
and 3 more
CVE-2024-24699
Zoom Clients - Business Logic Error
=before version 5.16.5
=before version 5.16.10 (excluding 5.14.14 and 5.15.12)
=before version 5.17.0
=before version 5.16.5
Zoom Zoom mobile apps
and 3 more
CVE-2024-24698
Zoom Clients - Improper Authentication
=before version 5.16.5
=before version 5.16.10 (excluding 5.14.14 and 5.15.12)
=before version 5.17.0
=before version 5.16.5
Zoom Zoom mobile apps
and 3 more
CVE-2024-24697
Zoom Clients - Untrusted Search Path
=before version 5.16.5
=before version 5.16.10 (excluding 5.14.14 and 5.15.12)
=before version 5.17.0
=before version 5.16.5
Zoom Zoom mobile apps
and 3 more
CVE-2024-24696
Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows - Improper Input Validation
=before version 5.16.5
=before version 5.16.10 (excluding 5.14.14 and 5.15.12)
=before version 5.17.0
=before version 5.16.5
Zoom Zoom mobile apps
and 3 more
CVE-2024-24695
Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows - Improper Input Validation
=before version 5.16.5
=before version 5.16.10 (excluding 5.14.14 and 5.15.12)
=before version 5.17.0
=before version 5.16.5
Zoom Zoom mobile apps
and 3 more
CVE-2023-49647
Zoom Desktop Client for Windows - Improper Access Control
Zoom Meeting Software Development Kit<5.16.10
Zoom Video Software Development Kit<5.16.10
Zoom Zoom<5.16.10
Zoom Virtual Desktop Infrastructure<5.14.14
Zoom Virtual Desktop Infrastructure>=5.15.0<5.15.12
Zoom Virtual Desktop Infrastructure>=5.16.0<5.16.10
and 1 more
CVE-2023-49646
Improper authentication in some Zoom clients before version 5.16.5 may allow an authenticated user to conduct a denial of service via network access.
Zoom Meeting Software Development Kit<5.16.5
Zoom Video Software Development Kit<5.16.5
Zoom Virtual Desktop Infrastructure<5.14.14
Zoom Virtual Desktop Infrastructure>=5.15.0<5.15.12
Zoom Zoom<5.16.5
Zoom Zoom<5.16.5
and 3 more
CVE-2023-43586
Path traversal in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom SDKs for Windows may allow an authenticated user to conduct an escalation of privilege via network access.
Zoom Meeting Software Development Kit<5.16.5
Zoom Video Software Development Kit<5.16.5
Zoom Virtual Desktop Infrastructure<5.14.14
Zoom Virtual Desktop Infrastructure>=5.15.0<5.15.12
Zoom Zoom<5.16.5
CVE-2023-43585
Improper access control in Zoom Mobile App for iOS and Zoom SDKs for iOS before version 5.16.5 may allow an authenticated user to conduct a disclosure of information via network access.
Zoom Meeting Software Development Kit<5.16.0
Zoom Meeting Software Development Kit<5.16.5
Zoom Video Software Development Kit<5.16.5
Zoom Zoom<5.16.5
CVE-2023-43583
Cryptographic issues Zoom Mobile App for Android, Zoom Mobile App for iOS, and Zoom SDKs for Android and iOS before version 5.16.0 may allow a privileged user to conduct a disclosure of information vi...
Zoom Meeting Software Development Kit<5.16.0
Zoom Meeting Software Development Kit<5.16.0
Zoom Video Software Development Kit<5.16.0
Zoom Video Software Development Kit<5.16.0
Zoom Zoom<5.16.0
Zoom Zoom<5.16.0
CVE-2023-43591
Improper privilege management in Zoom Rooms for macOS before version 5.16.0 may allow an authenticated user to conduct an escalation of privilege via local access.
Zoom Rooms<5.16.0
CVE-2023-43590
Link following in Zoom Rooms for macOS before version 5.16.0 may allow an authenticated user to conduct an escalation of privilege via local access.
Zoom Rooms<5.16.0
CVE-2023-43582
Improper authorization in some Zoom clients may allow an authorized user to conduct an escalation of privilege via network access.
Zoom Meetings<5.16.0
Zoom Meetings<5.16.0
Zoom Meetings<5.16.0
Zoom Meetings<5.16.0
Zoom Meetings<5.16.0
Zoom Rooms<5.16.0
and 10 more
CVE-2023-43588
Insufficient control flow management in some Zoom clients may allow an authenticated user to conduct an information disclosure via network access.
Zoom Meetings<5.16.0
Zoom Meetings<5.16.0
Zoom Meetings<5.16.0
Zoom Virtual Desktop Infrastructure<5.14.13
Zoom Virtual Desktop Infrastructure>=5.15.0<5.15.11
Zoom Zoom<5.16.0
and 2 more
CVE-2023-39199
Cryptographic issues with In-Meeting Chat for some Zoom clients may allow a privileged user to conduct an information disclosure via network access.
Zoom Meetings<5.16.0
Zoom Meetings<5.16.0
Zoom Meetings<5.16.0
Zoom Meetings<5.16.0
Zoom Meetings<5.16.0
Zoom Rooms<5.16.0
and 10 more
CVE-2023-39206
Buffer overflow in some Zoom clients may allow an unauthenticated user to conduct a denial of service via network access.
Zoom Meetings<5.16.0
Zoom Meetings<5.16.0
Zoom Meetings<5.16.0
Zoom Meetings<5.16.0
Zoom Meetings<5.16.0
Zoom Rooms<5.16.0
and 15 more
CVE-2023-39205
Improper conditions check in Zoom Team Chat for Zoom clients may allow an authenticated user to conduct a denial of service via network access.
Zoom Meetings<5.16.0
Zoom Meetings<5.16.0
Zoom Meetings<5.16.0
Zoom Meetings<5.16.0
Zoom Meetings<5.16.0
Zoom Video Software Development Kit<1.9.0
and 11 more
CVE-2023-39203
Uncontrolled resource consumption in Zoom Team Chat for Zoom Desktop Client for Windows and Zoom VDI Client may allow an unauthenticated user to conduct a disclosure of information via network access.
Zoom Virtual Desktop Infrastructure<5.14.13
Zoom Virtual Desktop Infrastructure>=5.15.0<5.15.11
Zoom Zoom<5.16.0
CVE-2023-39202
Untrusted search path in Zoom Rooms Client for Windows and Zoom VDI Client may allow a privileged user to conduct a denial of service via local access.
Zoom Rooms<5.16.0
Zoom Virtual Desktop Infrastructure<5.14.13
Zoom Virtual Desktop Infrastructure>=5.15.0<5.15.11
CVE-2023-39208
Improper input validation in Zoom Desktop Client for Linux before version 5.15.10 may allow an unauthenticated user to conduct a denial of service via network access.
Zoom Zoom<5.15.10
CVE-2023-39215
Improper authentication in Zoom clients may allow an authenticated user to conduct a denial of service via network access.
Zoom Meeting Software Development Kit<5.15.5
Zoom Virtual Desktop Infrastructure<5.14.12
Zoom Virtual Desktop Infrastructure>=5.15.0<5.15.4
Zoom Zoom<5.15.5
Zoom Zoom<5.15.5
Zoom Zoom<5.15.5
and 2 more
CVE-2023-39201
Untrusted search path in CleanZoom before file date 07/24/2023 may allow a privileged user to conduct an escalation of privilege via local access.
Zoom Cleanzoom<2023-07-24
CVE-2023-39212
Untrusted search path in Zoom Rooms for Windows before version 5.15.5 may allow an authenticated user to enable a denial of service via local access.
Zoom Rooms<5.15.5
CVE-2023-39214
Exposure of sensitive information in Zoom Client SDK's before 5.15.5 may allow an authenticated user to enable a denial of service via network access.
Zoom Meeting Software Development Kit<5.15.5
Zoom Meeting Software Development Kit<5.15.5
Zoom Meeting Software Development Kit<5.15.5
Zoom Meeting Software Development Kit<5.15.5
Zoom Meeting Software Development Kit<5.15.5
Zoom Rooms<5.15.5
and 8 more
CVE-2023-39211
Improper privilege management in Zoom Desktop Client for Windows and Zoom Rooms for Windows before 5.15.5 may allow an authenticated user to enable an information disclosure via local access.
Zoom Rooms<5.15.5
Zoom Zoom<5.15.5
CVE-2023-39210
Cleartext storage of sensitive information in Zoom Client SDK for Windows before 5.15.0 may allow an authenticated user to enable an information disclosure via local access.
Zoom Meeting Software Development Kit<5.15.0
CVE-2023-39213
Improper neutralization of special elements in Zoom Desktop Client for Windows and Zoom VDI Client before 5.15.2 may allow an unauthenticated user to enable an escalation of privilege via network acc...
Zoom Virtual Desktop Infrastructure<5.15.2
Zoom Zoom<5.15.2
CVE-2023-39209
Improper input validation in Zoom Desktop Client for Windows before 5.15.5 may allow an authenticated user to enable an information disclosure via network access.
Zoom Zoom<5.15.5
CVE-2023-39216
Improper input validation in Zoom Desktop Client for Windows before 5.14.7 may allow an unauthenticated user to enable an escalation of privilege via network access.
Zoom Zoom<5.14.7
CVE-2023-39218
Client-side enforcement of server-side security in Zoom clients before 5.14.10 may allow a privileged user to enable information disclosure via network access.
Zoom Rooms<5.14.10
Zoom Rooms<5.14.10
Zoom Rooms<5.14.10
Zoom Rooms<5.14.10
Zoom Virtual Desktop Infrastructure<5.14.10
Zoom Zoom<5.14.10
and 4 more
CVE-2023-39217
Improper input validation in Zoom SDK’s before 5.14.10 may allow an unauthenticated user to enable a denial of service via network access.
Zoom Meeting Software Development Kit<5.14.10
Zoom Meeting Software Development Kit<5.14.10
Zoom Meeting Software Development Kit<5.14.10
Zoom Meeting Software Development Kit<5.14.10
Zoom Meeting Software Development Kit<5.14.10
Zoom Video Software Development Kit<5.14.10
and 4 more
CVE-2023-36534
Path traversal in Zoom Desktop Client for Windows before 5.14.7 may allow an unauthenticated user to enable an escalation of privilege via network access.
Zoom Zoom<5.14.7
CVE-2023-36540
Untrusted search path in the installer for Zoom Desktop Client for Windows before 5.14.5 may allow an authenticated user to enable an escalation of privilege via local access.
Zoom Zoom<5.14.5
CVE-2023-36541
Insufficient verification of data authenticity in Zoom Desktop Client for Windows before 5.14.5 may allow an authenticated user to enable an escalation of privilege via network access.
Zoom Zoom<5.14.5
CVE-2023-36535
Client-side enforcement of server-side security in Zoom clients before 5.14.10 may allow an authenticated user to enable information disclosure via network access.
Zoom Rooms<5.14.10
Zoom Rooms<5.14.10
Zoom Rooms<5.14.10
Zoom Rooms<5.14.10
Zoom Virtual Desktop Infrastructure<5.14.10
Zoom Zoom<5.14.10
and 4 more
CVE-2023-36533
Uncontrolled resource consumption in Zoom SDKs before 5.14.7 may allow an unauthenticated user to enable a denial of service via network access.
Zoom Meeting Software Development Kit<5.14.7
Zoom Meeting Software Development Kit<5.14.7
Zoom Meeting Software Development Kit<5.14.7
Zoom Meeting Software Development Kit<5.14.7
Zoom Meeting Software Development Kit<5.14.7
Zoom Video Software Development Kit<5.14.7
and 4 more
CVE-2023-36532
Buffer overflow in Zoom Clients before 5.14.5 may allow an unauthenticated user to enable a denial of service via network access.
Zoom Rooms<5.14.5
Zoom Rooms<5.14.5
Zoom Rooms<5.14.5
Zoom Rooms<5.14.5
Zoom Virtual Desktop Infrastructure<5.14.5
Zoom Zoom<5.14.5
and 4 more
CVE-2023-34118
Improper privilege management in Zoom Rooms for Windows before version 5.14.5 may allow an authenticated user to enable an escalation of privilege via local access.
Zoom Rooms<5.14.5
CVE-2023-34119
Insecure temporary file in the installer for Zoom Rooms for Windows before version 5.15.0 may allow an authenticated user to enable an escalation of privilege via local access.
Zoom Rooms<5.15.0
CVE-2023-36538
Improper access control in Zoom Rooms for Windows before version 5.15.0 may allow an authenticated user to enable an escalation of privilege via local access.
Zoom Rooms<5.15.0
CVE-2023-36536
Untrusted search path in the installer for Zoom Rooms for Windows before version 5.15.0 may allow an authenticated user to enable an escalation of privilege via local access.
Zoom Rooms<5.15.0
CVE-2023-36537
Improper privilege management in Zoom Rooms for Windows before version 5.14.5 may allow an authenticated user to enable an escalation of privilege via local access.
Zoom Rooms<5.14.5
CVE-2023-34116
Improper input validation in the Zoom Desktop Client for Windows before version 5.15.0 may allow an unauthorized user to enable an escalation of privilege via network access.
Zoom Zoom<5.15.0
CVE-2023-34117
Relative path traversal in the Zoom Client SDK before version 5.15.0 may allow an unauthorized user to enable information disclosure via local access.
Zoom Zoom Software Development Kit<5.15.0
CVE-2023-36539
Exposure of information intended to be encrypted by some Zoom clients may lead to disclosure of sensitive information.
Zoom Meetings=5.15.0
Zoom Meetings=5.15.0
Zoom Meetings=5.15.0
Zoom Meetings=5.15.1
Zoom Rooms=5.15.0
Zoom Rooms=5.15.0
and 18 more
CVE-2023-34114
Exposure of resource to wrong sphere in Zoom for Windows and Zoom for MacOS clients before 5.14.10 may allow an authenticated user to potentially enable information disclosure via network access.
Zoom Zoom<5.14.10
Zoom Zoom<5.14.10

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203