Improper neutralization of special elements in Zoom Desktop Client for Windows and Zoom VDI Client before 5.15.2 may allow an unauthenticated user to enable an escalation of privilege via network access.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:HZoom Virtual Desktop Infrastructure
APPZoom< 5.15.2Zoom
APPZoom< 5.15.2
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Related vulnerabilities
CVE-2024-24691CRITICAL9.6PL ✓ten sam produkt
Privilege escalation w Zoom Desktop Client, VDI Client i Meeting SDK dla Windows
CVE-2023-36534CRITICAL9.3ten sam produkt
Path traversal in Zoom Desktop Client for Windows before 5.14.7 may allow an unauthenticated user to enable an...
CVE-2023-39216CRITICAL9.6ten sam produkt
Improper input validation in Zoom Desktop Client for Windows before 5.14.7 may allow an unauthenticated user t...
CVE-2022-28755CRITICAL9.6ten sam produkt
The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.11.0 are susceptib...
CVE-2021-34423CRITICAL9.8ten sam produkt
A buffer overflow vulnerability was discovered in Zoom Client for Meetings (for Android, iOS, Linux, macOS, an...