CVE-2023-43586

CyberxtronTech

CVE Alert: High severity vulnerabilities in Zoom products are exploited in cyber attacks  CVE-2023-43585 (CVSS 7.1) - Improper access control in Zoom Mobile App for iOS and Zoom SDKs for iOS Impact: Allow an authenticated user to conduct a disclosure of information via network access. Affected Products: Zoom Mobile App for iOS before version 5.16.5 Zoom Video SDK for iOS before version 5.16.5 Zoom Meeting SDK for iOS before version 5.16.5 Zoom Meeting SDK for Android before version 5.16.0 Fix: Users can help keep themselves secure by applying current updates or downloading the latest Zoom software with all current security updates CVE-2023-43586 (CVSS 7.3) - Path traversal in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom SDKs for Windows Impact: Allow an authenticated user to conduct an escalation of privilege via network access. Affected Products: Zoom Desktop Client for Windows before version 5.16.5 Zoom VDI Client before version 5.16.0 (excluding 5.14.14 and 5.15.12) Zoom Video SDK for Windows before version 5.16.5 Zoom Meeting SDK for Windows before version 5.16.5 Fix: Users can help keep themselves secure by applying current updates or downloading the latest Zoom software with all current security updates -------------------------------------------------------------------------------------- Join us on our mission to secure the digital world and make cyber defense affordable to everyone! Follow "CyberXTron Technologies" for the timely, relevant and actionable cyber threat insights. #Zoom #CVEExploit #Cyberattacks #CyberSecurity