Meetings Security Vulnerabilities - 2023
Zoom Client for IT Admin Windows installers before version 5.13.5 contain a local privilege escalation vulnerability. A local low-privileged user could exploit this vulnerability in an attack chain during the installation process to escalate their privileges to the SYSTEM user.
7.8CVSS
7.8AI Score
0.0004EPSS
Zoom Client for IT Admin macOS installers before version 5.13.5 contain a local privilege escalation vulnerability. A local low-privileged user could exploit this vulnerability in an attack chain during the installation process to escalate their privileges to privileges to root.
7.8CVSS
7.7AI Score
0.0004EPSS
Exposure of information intended to be encrypted by some Zoom clients may lead to disclosure of sensitive information.
7.5CVSS
6AI Score
0.001EPSS
Cryptographic issues with In-Meeting Chat for some Zoom clients may allow a privileged user to conduct an information disclosure via network access.
6.5CVSS
6.9AI Score
0.0005EPSS
Buffer overflow in some Zoom clients may allow an unauthenticated user to conduct a denial of service via network access.
7.5CVSS
7.5AI Score
0.001EPSS
Improper conditions check in Zoom Team Chat for Zoom clients may allow an authenticated user to conduct a denial of service via network access.
6.5CVSS
7.1AI Score
0.0004EPSS
Buffer overflow in some Zoom clients may allow an unauthenticated user to conduct a denial of service via network access.
7.5CVSS
8AI Score
0.001EPSS
Improper authorization in some Zoom clients may allow an authorized user to conduct an escalation of privilege via network access.
8.8CVSS
7.1AI Score
0.001EPSS
Insufficient control flow management in some Zoom clients may allow an authenticated user to conduct an information disclosure via network access.
6.5CVSS
6.9AI Score
0.0005EPSS