CVE-2022-28750

CVE-2022-28750 affects Zoom On-Premise Meeting Connector Zone Controller (ZC) versions prior to 4.8.20220419.112. The vulnerability arises from improper parsing of STUN error codes, leading to memory corruption and, in older releases (before 4.8.12.20211115), potential arbitrary code execution. E...

CVE-2022-28753

CVE-2022-28753 affects Zoom On-Premise Meeting Connector MMR before 4.8.129.20220714. The issue is improper access control that lets a participant join a meeting without appearing to others, admit themselves from the waiting room, and escalate to host, enabling disruptions. Affected versions are ...

CVE-2022-28754

CVE-2022-28754 – Zoom On-Premise Meeting Connector MMR is affected in versions prior to 4.8.129.20220714. The issue is an improper access control that lets a legitimate participant join without appearing to others, admit themselves from the waiting room, and assume host privileges, causing meetin...

CVE-2021-34414

CVE-2021-34414 affects Zoom on-premise components (Meeting Connector Controller, MMR, Recording Connector, Virtual Room Connector, and Load Balancer) prior to respective builds 4.6.348.20201217, 3.8.42.20200905, 4.4.6620.20201110, and 2.5.5495.20210326. The issue arises from a failure to validate...

CVE-2021-34416

The CVE-2021-34416 vulnerability affects Zoom on‑premise products: Meeting Connector, Meeting Connector MMR, Recording Connector, Virtual Room Connector, and Virtual Room Connector Load Balancer. The issue is an input validation failure in the network address administrative settings web portal wh...

CVE-2021-34415

The CVE-2021-34415 issue affects Zoom On-Premise Meeting Connector Controller (Zone Controller service) prior to version 4.6.358.20210205. The vulnerability stems from the service not validating the cnt field in incoming network packets, leading to resource exhaustion and a potential system crash...