CRITICAL🇬🇧 English

CVE-2023-39213

CVSS 9.6v3.1pub. 2023-08-08upd. 2024-11-21

Improper neutralization of special elements in Zoom Desktop Client for Windows and Zoom VDI Client before 5.15.2 may allow an unauthenticated user to enable an escalation of privilege via network access.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
  • Zoom Virtual Desktop Infrastructure

    APP
    Zoom
    < 5.15.2
  • Zoom

    APP
    Zoom
    < 5.15.2
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2024-24691CRITICAL9.6PL ✓ten sam produkt

Privilege escalation w Zoom Desktop Client, VDI Client i Meeting SDK dla Windows

CVE-2023-36534CRITICAL9.3ten sam produkt

Path traversal in Zoom Desktop Client for Windows before 5.14.7 may allow an unauthenticated user to enable an...

CVE-2023-39216CRITICAL9.6ten sam produkt

Improper input validation in Zoom Desktop Client for Windows before 5.14.7 may allow an unauthenticated user t...

CVE-2022-28755CRITICAL9.6ten sam produkt

The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.11.0 are susceptib...

CVE-2021-34423CRITICAL9.8ten sam produkt

A buffer overflow vulnerability was discovered in Zoom Client for Meetings (for Android, iOS, Linux, macOS, an...