Zoom : Security Vulnerabilities
Client-side enforcement of server-side security in Zoom clients before 5.14.10 may allow a privileged user to enable information disclosure via network access.
| Max Base Score | 6.1 |
| Published | 2023-08-08 |
| Updated | 2023-08-11 |
| EPSS | 0.05% |
Improper input validation in Zoom SDK’s before 5.14.10 may allow an unauthenticated user to enable a denial of service via network access.
| Max Base Score | 7.5 |
| Published | 2023-08-08 |
| Updated | 2023-08-11 |
| EPSS | 0.05% |
Improper input validation in Zoom Desktop Client for Windows before 5.14.7 may allow an unauthenticated user to enable an escalation of privilege via network access.
| Max Base Score | 9.8 |
| Published | 2023-08-08 |
| Updated | 2023-08-11 |
| EPSS | 0.09% |
Improper authentication in Zoom clients may allow an authenticated user to conduct a denial of service via network access.
| Max Base Score | 7.1 |
| Published | 2023-09-12 |
| Updated | 2023-09-15 |
| EPSS | 0.04% |
Exposure of sensitive information in Zoom Client SDK's before 5.15.5 may allow an authenticated user to enable a denial of service via network access.
| Max Base Score | 8.1 |
| Published | 2023-08-08 |
| Updated | 2023-08-14 |
| EPSS | 0.05% |
Improper neutralization of special elements in Zoom Desktop Client for Windows and Zoom VDI Client before 5.15.2 may allow an unauthenticated user to enable an escalation of privilege via network access.
| Max Base Score | 9.8 |
| Published | 2023-08-08 |
| Updated | 2023-08-15 |
| EPSS | 0.15% |
Untrusted search path in Zoom Rooms for Windows before version 5.15.5 may allow an authenticated user to enable a denial of service via local access.
| Max Base Score | 7.9 |
| Published | 2023-08-08 |
| Updated | 2023-08-15 |
| EPSS | 0.04% |
Improper privilege management in Zoom Desktop Client for Windows and Zoom Rooms for Windows before 5.15.5 may allow an authenticated user to enable an information disclosure via local access.
| Max Base Score | 8.8 |
| Published | 2023-08-08 |
| Updated | 2023-08-15 |
| EPSS | 0.04% |
Cleartext storage of sensitive information in Zoom Client SDK for Windows before 5.15.0 may allow an authenticated user to enable an information disclosure via local access.
| Max Base Score | 5.5 |
| Published | 2023-08-08 |
| Updated | 2023-08-15 |
| EPSS | 0.04% |
Improper input validation in Zoom Desktop Client for Windows before 5.15.5 may allow an authenticated user to enable an information disclosure via network access.
| Max Base Score | 6.5 |
| Published | 2023-08-08 |
| Updated | 2023-08-15 |
| EPSS | 0.05% |
Improper input validation in Zoom Desktop Client for Linux before version 5.15.10 may allow an unauthenticated user to conduct a denial of service via network access.
| Max Base Score | 7.5 |
| Published | 2023-09-12 |
| Updated | 2023-09-15 |
| EPSS | 0.05% |
Untrusted search path in CleanZoom before file date 07/24/2023 may allow a privileged user to conduct an escalation of privilege via local access.
| Max Base Score | 7.2 |
| Published | 2023-09-12 |
| Updated | 2023-09-16 |
| EPSS | 0.04% |
Insufficient verification of data authenticity in Zoom Desktop Client for Windows before 5.14.5 may allow an authenticated user to enable an escalation of privilege via network access.
| Max Base Score | 8.8 |
| Published | 2023-08-08 |
| Updated | 2023-08-11 |
| EPSS | 0.05% |
Untrusted search path in the installer for Zoom Desktop Client for Windows before 5.14.5 may allow an authenticated user to enable an escalation of privilege via local access.
| Max Base Score | 7.8 |
| Published | 2023-08-08 |
| Updated | 2023-08-11 |
| EPSS | 0.04% |
Exposure of information intended to be encrypted by some Zoom clients may lead to disclosure of sensitive information.
| Max Base Score | 7.5 |
| Published | 2023-06-30 |
| Updated | 2023-07-10 |
| EPSS | 0.09% |
Improper access control in Zoom Rooms for Windows before version 5.15.0 may allow an authenticated user to enable an escalation of privilege via local access.
| Max Base Score | 8.4 |
| Published | 2023-07-11 |
| Updated | 2023-07-19 |
| EPSS | 0.04% |
Improper privilege management in Zoom Rooms for Windows before version 5.14.5 may allow an authenticated user to enable an escalation of privilege via local access.
| Max Base Score | 7.8 |
| Published | 2023-07-11 |
| Updated | 2023-07-19 |
| EPSS | 0.04% |
Untrusted search path in the installer for Zoom Rooms for Windows before version 5.15.0 may allow an authenticated user to enable an escalation of privilege via local access.
| Max Base Score | 8.2 |
| Published | 2023-07-11 |
| Updated | 2023-07-19 |
| EPSS | 0.04% |
Client-side enforcement of server-side security in Zoom clients before 5.14.10 may allow an authenticated user to enable information disclosure via network access.
| Max Base Score | 7.1 |
| Published | 2023-08-08 |
| Updated | 2023-08-11 |
| EPSS | 0.05% |
Path traversal in Zoom Desktop Client for Windows before 5.14.7 may allow an unauthenticated user to enable an escalation of privilege via network access.
| Max Base Score | 9.8 |
| Published | 2023-08-08 |
| Updated | 2023-08-11 |
| EPSS | 0.10% |
Uncontrolled resource consumption in Zoom SDKs before 5.14.7 may allow an unauthenticated user to enable a denial of service via network access.
| Max Base Score | 7.5 |
| Published | 2023-08-08 |
| Updated | 2023-08-11 |
| EPSS | 0.05% |
Buffer overflow in Zoom Clients before 5.14.5 may allow an unauthenticated user to enable a denial of service via network access.
| Max Base Score | 7.5 |
| Published | 2023-08-08 |
| Updated | 2023-08-11 |
| EPSS | 0.05% |
Improper input validation in the installer for Zoom for Windows clients before 5.14.0 may allow an authenticated user to potentially enable an escalation of privilege via local access.
| Max Base Score | 7.8 |
| Published | 2023-06-13 |
| Updated | 2023-06-21 |
| EPSS | 0.04% |
Improper input validation in the Zoom for Windows, Zoom Rooms, Zoom VDI Windows Meeting clients before 5.14.0 may allow an authenticated user to potentially enable an escalation of privilege via network access.
| Max Base Score | 8.8 |
| Published | 2023-06-13 |
| Updated | 2023-06-21 |
| EPSS | 0.05% |
Improper privilege management in Zoom for Windows, Zoom Rooms for Windows, and Zoom VDI for Windows clients before 5.14.0 may allow an authenticated user to potentially enable an escalation of privilege via local access. Users may potentially utilize higher level system privileges maintained by the Zoom client to spawn processes with escalated privileges.
| Max Base Score | 8.7 |
| Published | 2023-06-13 |
| Updated | 2023-06-21 |
| EPSS | 0.04% |