VYPR
← All advisories
Unrated severityNVD Advisory· Published Apr 28, 2022· Updated Sep 17, 2024

Process memory exposure in Zoom on-premise Meeting services

CVE-2022-22783

Description

A vulnerability in Zoom On-Premise Meeting Connector Controller version 4.8.102.20220310 and On-Premise Meeting Connector MMR version 4.8.102.20220310 exposes process memory fragments to connected clients, which could be observed by a passive attacker.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Zoom On-Premise Meeting Connector Controller and MMR leak process memory fragments to passive attackers.

Vulnerability

The Zoom On-Premise Meeting Connector Controller version 4.8.102.20220310 and On-Premise Meeting Connector MMR version 4.8.102.20220310 expose process memory fragments to connected clients. This vulnerability allows a passive attacker to observe portions of process memory.

Exploitation

An attacker does not require authentication or special privileges. By passively observing network traffic or client connections, the attacker can retrieve memory fragments without active manipulation.

Impact

Successful exploitation results in unauthorized disclosure of process memory fragments, potentially leaking sensitive information such as credentials, session tokens, or other data residing in memory.

Mitigation

Zoom recommends updating to the latest version of the affected software to receive the fix. No specific patched version is listed in the available reference [1]. As of the publication date (2022-04-28), users should upgrade to any version newer than 4.8.102.20220310.

References
  1. Zoom Security Bulletins

AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

3

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

1

News mentions

0

No linked articles in our index yet.