Zoom Products Multiple Vulnerabilities

Release Date: 14 Feb 2024 4064 Views

RISK: Medium Risk

TYPE: Clients - Productivity Products

Multiple vulnerabilities have been identified in Zoom products. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, elevation of privilege and sensitive information disclosure on the targeted system.

Impact

Denial of Service
Elevation of Privilege
Information Disclosure

System / Technologies affected

Zoom Desktop Client for Linux before version 5.16.5
Zoom Desktop Client for Linux before version 5.17.0
Zoom Desktop Client for Windows before version 5.16.5
Zoom Desktop Client for Windows before version 5.17.0
Zoom Desktop Client for macOS before version 5.16.5
Zoom Desktop Client for macOS before version 5.17.0
Zoom Meeting SDK for Windows before version 5.16.5
Zoom Meeting SDK for Windows before version 5.17.0
Zoom Meeting SDKs before version 5.16.5
Zoom Meeting SDKs before version 5.17.0
Zoom Mobile App for Android before version 5.16.5
Zoom Mobile App for Android before version 5.17.0
Zoom Mobile App for iOS before version 5.16.5
Zoom Mobile App for iOS before version 5.17.0
Zoom Rooms Client for Windows before version 5.17.0
Zoom Rooms Clients before version 5.17.0
Zoom VDI Client for Windows before version 5.16.10 (excluding 5.14.14 and 5.15.12)
Zoom VDI Client for Windows before version 5.17.5 (excluding 5.15.15 and 5.16.10)
Zoom VDI Client for Windows before version 5.17.5 (excluding 5.15.15 and 5.16.12)
Zoom Video SDK for Windows before version 5.16.5

Solutions

Before installation of the software, please visit the vendor web-site for more details.

Apply fixes issued by the vendor:

Vulnerability Identifier

Source

Zoom