Zoom Vdi Windows Meeting Client
by Zoom Video Communications, Inc.
CVEs (11)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-24691 | 0.00 | — | 0.02 | Feb 14, 2024 | Improper input validation in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows may allow an unauthenticated user to conduct an escalation of privilege via network access. | |||
| CVE-2024-24696 | 0.00 | — | 0.01 | Feb 13, 2024 | Improper input validation in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows may allow an authenticated user to conduct a disclosure of information via network access. | |||
| CVE-2024-24695 | 0.00 | — | 0.01 | Feb 13, 2024 | Improper input validation in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows may allow an authenticated user to conduct a disclosure of information via network access. | |||
| CVE-2023-34121 | 0.00 | — | 0.01 | Jun 13, 2023 | Improper input validation in the Zoom for Windows, Zoom Rooms, Zoom VDI Windows Meeting clients before 5.14.0 may allow an authenticated user to potentially enable an escalation of privilege via network access. | |||
| CVE-2023-34120 | 0.00 | — | 0.00 | Jun 13, 2023 | Improper privilege management in Zoom for Windows, Zoom Rooms for Windows, and Zoom VDI for Windows clients before 5.14.0 may allow an authenticated user to potentially enable an escalation of privilege via local access. Users may potentially utilize higher level system… | |||
| CVE-2023-28603 | 0.00 | — | 0.00 | Jun 13, 2023 | Zoom VDI client installer prior to 5.14.0 contains an improper access control vulnerability. A malicious user may potentially delete local files without proper permissions. | |||
| CVE-2022-28764 | 0.00 | — | 0.00 | Nov 14, 2022 | The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.12.6 is susceptible to a local information exposure vulnerability. A failure to clear data from a local SQL database after a meeting ends and the usage of an insufficiently secure… | |||
| CVE-2022-28763 | 0.00 | — | 0.01 | Oct 31, 2022 | The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.12.2 is susceptible to a URL parsing vulnerability. If a malicious Zoom meeting URL is opened, the malicious link may direct the user to connect to an arbitrary network address, leading… | |||
| CVE-2022-28755 | 0.00 | — | 0.01 | Aug 11, 2022 | The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.11.0 are susceptible to a URL parsing vulnerability. If a malicious Zoom meeting URL is opened, the malicious link may direct the user to connect to an arbitrary network address, leading… | |||
| CVE-2022-22782 | 0.00 | — | 0.00 | Apr 28, 2022 | The Zoom Client for Meetings for Windows prior to version 5.9.7, Zoom Rooms for Conference Room for Windows prior to version 5.10.0, Zoom Plugins for Microsoft Outlook for Windows prior to version 5.10.3, and Zoom VDI Windows Meeting Clients prior to version 5.9.6; was… | |||
| CVE-2021-34420 | 0.00 | — | 0.00 | Nov 11, 2021 | The Zoom Client for Meetings for Windows installer before version 5.5.4 does not properly verify the signature of files with .msi, .ps1, and .bat extensions. This could lead to a malicious actor installing malicious software on a customer’s computer. |
- CVE-2024-24691Feb 14, 2024risk 0.00cvss —epss 0.02
Improper input validation in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows may allow an unauthenticated user to conduct an escalation of privilege via network access.
- CVE-2024-24696Feb 13, 2024risk 0.00cvss —epss 0.01
Improper input validation in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows may allow an authenticated user to conduct a disclosure of information via network access.
- CVE-2024-24695Feb 13, 2024risk 0.00cvss —epss 0.01
Improper input validation in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows may allow an authenticated user to conduct a disclosure of information via network access.
- CVE-2023-34121Jun 13, 2023risk 0.00cvss —epss 0.01
Improper input validation in the Zoom for Windows, Zoom Rooms, Zoom VDI Windows Meeting clients before 5.14.0 may allow an authenticated user to potentially enable an escalation of privilege via network access.
- CVE-2023-34120Jun 13, 2023risk 0.00cvss —epss 0.00
Improper privilege management in Zoom for Windows, Zoom Rooms for Windows, and Zoom VDI for Windows clients before 5.14.0 may allow an authenticated user to potentially enable an escalation of privilege via local access. Users may potentially utilize higher level system…
- CVE-2023-28603Jun 13, 2023risk 0.00cvss —epss 0.00
Zoom VDI client installer prior to 5.14.0 contains an improper access control vulnerability. A malicious user may potentially delete local files without proper permissions.
- CVE-2022-28764Nov 14, 2022risk 0.00cvss —epss 0.00
The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.12.6 is susceptible to a local information exposure vulnerability. A failure to clear data from a local SQL database after a meeting ends and the usage of an insufficiently secure…
- CVE-2022-28763Oct 31, 2022risk 0.00cvss —epss 0.01
The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.12.2 is susceptible to a URL parsing vulnerability. If a malicious Zoom meeting URL is opened, the malicious link may direct the user to connect to an arbitrary network address, leading…
- CVE-2022-28755Aug 11, 2022risk 0.00cvss —epss 0.01
The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.11.0 are susceptible to a URL parsing vulnerability. If a malicious Zoom meeting URL is opened, the malicious link may direct the user to connect to an arbitrary network address, leading…
- CVE-2022-22782Apr 28, 2022risk 0.00cvss —epss 0.00
The Zoom Client for Meetings for Windows prior to version 5.9.7, Zoom Rooms for Conference Room for Windows prior to version 5.10.0, Zoom Plugins for Microsoft Outlook for Windows prior to version 5.10.3, and Zoom VDI Windows Meeting Clients prior to version 5.9.6; was…
- CVE-2021-34420Nov 11, 2021risk 0.00cvss —epss 0.00
The Zoom Client for Meetings for Windows installer before version 5.5.4 does not properly verify the signature of files with .msi, .ps1, and .bat extensions. This could lead to a malicious actor installing malicious software on a customer’s computer.