Zoom Products Multiple Vulnerabilities

Release Date: 16 Jan 2025 582 Views

RISK: Medium Risk

TYPE: Clients - Productivity Products

Multiple vulnerabilities were identified in Zoom Products. A remote attacker could exploit these vulnerabilities to trigger denial of service condition, data manipulation, elevation of privilege and sensitive information disclosure on the targeted system.

Impact

Denial of Service
Elevation of Privilege
Information Disclosure
Data Manipulation

System / Technologies affected

Zoom Jenkins bot plugin before version 1.6
Zoom Meeting SDK for Android before version 6.2.5
Zoom Meeting SDK for iOS before version 6.2.5
Zoom Meeting SDK for Linux before version 6.2.10
Zoom Meeting SDK for macOS before version 6.2.10
Zoom Meeting SDK for Windows before version 6.2.5
Zoom Rooms Client for iPad before version 6.2.5
Zoom Rooms Client for macOS before version 6.2.10
Zoom Rooms Client for Windows before version 6.2.5
Zoom Rooms Controller for Android before version 6.2.5
Zoom Rooms Controller for Linux before version 6.2.5
Zoom Rooms Controller for macOS before version 6.2.10
Zoom Rooms Controller for Windows before version 6.2.5
Zoom Video SDK for Android before version 6.2.5
Zoom Video SDK for iOS before version 6.2.5
Zoom Video SDK for Linux before version 6.2.10
Zoom Video SDK for macOS before version 6.2.10
Zoom Video SDK for Windows before version 6.2.5
Zoom Workplace App for Android before version 6.2.5
Zoom Workplace App for iOS before version 6.2.5
Zoom Workplace App for Linux before version 6.2.10
Zoom Workplace App for macOS before version 6.2.10
Zoom Workplace App for Windows before version 6.2.5
Zoom Workplace VDI Client for Windows before version 6.1.13 (except 6.0.15)

Solutions

Before installation of the software, please visit the vendor web-site for more details.

Apply fixes issued by the vendor:

Vulnerability Identifier

Source

Zoom