Lucene search

ZoomCVELIST:CVE-2024-39825

HistoryAug 14, 2024 - 4:34 p.m.

CVE-2024-39825 Zoom Workplace Apps and Rooms Clients - Buffer Overflow

2024-08-1416:34:53

CWE-122

Zoom

www.cve.org

zoom

workplace

apps

rooms

buffer overflow

escalation of privilege

network access

CVSS3

8.5

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

EPSS

0.001

Percentile

20.0%

JSON

Buffer overflow in some Zoom Workplace Apps and Rooms Clients may allow an authenticated user to conduct an escalation of privilege via network access.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Windows",
      "MacOS",
      "Linux",
      "iOS",
      "Android"
    ],
    "product": "Zoom Workplace Apps and Rooms Clients",
    "vendor": "Zoom Communications Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "see references"
      }
    ]
  }
]

References

www.zoom.com/en/trust/security-bulletin/zsb-24022

CVSS3

8.5

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

EPSS

0.001

Percentile

20.0%

JSON

Related for CVELIST:CVE-2024-39825