Vendor CVEs
Zoom Video Communications, Inc.
All CVEs
230 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-34419 | 0.00 | — | 0.01 | Nov 11, 2021 | In the Zoom Client for Meetings for Ubuntu Linux before version 5.1.0, there is an HTML injection flaw when sending a remote control request to a user in the process of in-meeting screen sharing. This could allow meeting participants to be targeted for social engineering attacks. | |||
| CVE-2021-34420 | 0.00 | — | 0.00 | Nov 11, 2021 | The Zoom Client for Meetings for Windows installer before version 5.5.4 does not properly verify the signature of files with .msi, .ps1, and .bat extensions. This could lead to a malicious actor installing malicious software on a customer’s computer. | |||
| CVE-2021-34421 | 0.00 | — | 0.01 | Nov 11, 2021 | The Keybase Client for Android before version 5.8.0 and the Keybase Client for iOS before version 5.8.0 fails to properly remove exploded messages initiated by a user if the receiving user places the chat session in the background while the sending user explodes the messages.… | |||
| CVE-2021-34422 | 0.00 | — | 0.01 | Nov 11, 2021 | The Keybase Client for Windows before version 5.7.0 contains a path traversal vulnerability when checking the name of a file uploaded to a team folder. A malicious user could upload a file to a shared folder with a specially crafted file name which could allow a user to execute… | |||
| CVE-2021-34413 | 0.00 | — | 0.01 | Sep 27, 2021 | All versions of the Zoom Plugin for Microsoft Outlook for MacOS before 5.3.52553.0918 contain a Time-of-check Time-of-use (TOC/TOU) vulnerability during the plugin installation process. This could allow a standard user to write their own malicious application to the plugin… | |||
| CVE-2021-34416 | 0.00 | — | 0.02 | Sep 27, 2021 | The network address administrative settings web portal for the Zoom on-premise Meeting Connector before version 4.6.360.20210325, Zoom on-premise Meeting Connector MMR before version 4.6.360.20210325, Zoom on-premise Recording Connector before version 3.8.44.20210326, Zoom… | |||
| CVE-2021-34415 | 0.00 | — | 0.01 | Sep 27, 2021 | The Zone Controller service in the Zoom On-Premise Meeting Connector Controller before version 4.6.358.20210205 does not verify the cnt field sent in incoming network packets, which leads to exhaustion of resources and system crash. | |||
| CVE-2021-34414 | 0.00 | — | 0.02 | Sep 27, 2021 | The network proxy page on the web portal for the Zoom on-premise Meeting Connector Controller before version 4.6.348.20201217, Zoom on-premise Meeting Connector MMR before version 4.6.348.20201217, Zoom on-premise Recording Connector before version 3.8.42.20200905, Zoom… | |||
| CVE-2021-34412 | 0.00 | — | 0.00 | Sep 27, 2021 | During the installation process for all versions of the Zoom Client for Meetings for Windows before 5.4.0, it is possible to launch Internet Explorer. If the installer was launched with elevated privileges such as by SCCM this can result in a local privilege escalation. | |||
| CVE-2021-34411 | 0.00 | — | 0.00 | Sep 27, 2021 | During the installation process forZoom Rooms for Conference Room for Windows before version 5.3.0 it is possible to launch Internet Explorer with elevated privileges. If the installer was launched with elevated privileges such as by SCCM this can result in a local privilege… | |||
| CVE-2021-34410 | 0.00 | — | 0.00 | Sep 27, 2021 | A user-writable application bundle unpacked during the install for all versions of the Zoom Plugin for Microsoft Outlook for Mac before 5.0.25611.0521 allows for privilege escalation to root. | |||
| CVE-2021-34409 | 0.00 | — | 0.00 | Sep 27, 2021 | It was discovered that the installation packages of the Zoom Client for Meetings for MacOS (Standard and for IT Admin) installation before version 5.2.0, Zoom Client Plugin for Sharing iPhone/iPad before version 5.2.0, and Zoom Rooms for Conference before version 5.1.0, copy… | |||
| CVE-2021-34408 | 0.00 | — | 0.00 | Sep 27, 2021 | The Zoom Client for Meetings for Windows in all versions before version 5.3.2 writes log files to a user writable directory as a privileged user during the installation or update of the client. This could allow for potential privilege escalation if a link was created between the… | |||
| CVE-2021-33907 | 0.00 | — | 0.03 | Sep 27, 2021 | The Zoom Client for Meetings for Windows in all versions before 5.3.0 fails to properly validate the certificate information used to sign .msi files when performing an update of the client. This could lead to remote code execution in an elevated privileged context. | |||
| CVE-2021-28133 | 0.00 | — | 0.16 | Mar 18, 2021 | Zoom through 5.5.4 sometimes allows attackers to read private information on a participant's screen, even though the participant never attempted to share the private part of their screen. When a user shares a specific application window via the Share Screen functionality, other… | |||
| CVE-2020-9767 | 0.00 | — | 0.01 | Aug 14, 2020 | A vulnerability related to Dynamic-link Library (“DLL”) loading in the Zoom Sharing Service would allow an attacker who had local access to a machine on which the service was running with elevated privileges to elevate their system privileges as well through use of a… | |||
| CVE-2020-6110 | 0.00 | — | 0.04 | Jun 8, 2020 | An exploitable partial path traversal vulnerability exists in the way Zoom Client version 4.6.10 processes messages including shared code snippets. A specially crafted chat message can cause an arbitrary binary planting which could be abused to achieve arbitrary code execution.… | |||
| CVE-2020-6109 | 0.00 | — | 0.05 | Jun 8, 2020 | An exploitable path traversal vulnerability exists in the Zoom client, version 4.6.10 processes messages including animated GIFs. A specially crafted chat message can cause an arbitrary file write, which could potentially be abused to achieve arbitrary code execution. An… | |||
| CVE-2020-11443 | 0.00 | — | 0.02 | May 4, 2020 | The Zoom IT installer for Windows (ZoomInstallerFull.msi) prior to version 4.6.10 deletes files located in %APPDATA%\Zoom before installing an updated version of the client. Standard users are able to write to this directory, and can write links to other directories on the… | |||
| CVE-2020-11876 | 0.00 | — | 0.02 | Apr 17, 2020 | airhost.exe in Zoom Client for Meetings 4.6.11 uses the SHA-256 hash of 0123425234234fsdfsdr3242 for initialization of an OpenSSL EVP AES-256 CBC context. NOTE: the vendor states that this initialization only occurs within unreachable code | |||
| CVE-2020-11877 | 0.00 | — | 0.02 | Apr 17, 2020 | airhost.exe in Zoom Client for Meetings 4.6.11 uses 3423423432325249 as the Initialization Vector (IV) for AES-256 CBC encryption. NOTE: the vendor states that this IV is used only within unreachable code | |||
| CVE-2020-11500 | 0.00 | — | 0.01 | Apr 3, 2020 | Zoom Client for Meetings through 4.6.9 uses the ECB mode of AES for video and audio encryption. Within a meeting, all participants use a single 128-bit key. | |||
| CVE-2020-11469 | 0.00 | — | 0.00 | Apr 1, 2020 | Zoom Client for Meetings through 4.6.8 on macOS copies runwithroot to a user-writable temporary directory during installation, which allows a local process (with the user's privileges) to obtain root access by replacing runwithroot. | |||
| CVE-2020-11470 | 0.00 | — | 0.00 | Apr 1, 2020 | Zoom Client for Meetings through 4.6.8 on macOS has the disable-library-validation entitlement, which allows a local process (with the user's privileges) to obtain unprompted microphone and camera access by loading a crafted library and thereby inheriting Zoom Client's… | |||
| CVE-2019-13567 | 0.00 | — | 0.04 | Jul 12, 2019 | The Zoom Client before 4.4.53932.0709 on macOS allows remote code execution, a different vulnerability than CVE-2019-13450. If the ZoomOpener daemon (aka the hidden web server) is running, but the Zoom Client is not installed or can't be opened, an attacker can remotely execute… | |||
| CVE-2019-13450 | 0.00 | — | 0.03 | Jul 9, 2019 | In the Zoom Client through 4.4.4 and RingCentral 7.0.136380.0312 on macOS, remote attackers can force a user to join a video call with the video camera active. This occurs because any web site can interact with the Zoom web server on localhost port 19421 or 19424. NOTE: a… | |||
| CVE-2019-13449 | 0.00 | — | 0.02 | Jul 9, 2019 | In the Zoom Client before 4.4.2 on macOS, remote attackers can cause a denial of service (continual focus grabs) via a sequence of invalid launch?action=join&confno= requests to localhost port 19421. | |||
| CVE-2018-15715 | 0.00 | — | 0.03 | Nov 30, 2018 | Zoom clients on Windows (before version 4.1.34814.1119), Mac OS (before version 4.1.34801.1116), and Linux (2.4.129780.0915 and below) are vulnerable to unauthorized message processing. A remote unauthenticated attacker can spoof UDP messages from a meeting attendee or Zoom… | |||
| CVE-2014-5811 | 0.00 | — | 0.00 | Sep 9, 2014 | The ZOOM Cloud Meetings (aka us.zoom.videomeetings) application @7F060008 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||
| CVE-2004-0680 | 0.00 | — | 0.04 | Aug 6, 2004 | Zoom X3 ADSL modem has a terminal running on port 254 that can be accessed using the default HTML management password, even if the password has been changed for the HTTP interface, which could allow remote attackers to gain unauthorized access. |
- CVE-2021-34419Nov 11, 2021risk 0.00cvss —epss 0.01
In the Zoom Client for Meetings for Ubuntu Linux before version 5.1.0, there is an HTML injection flaw when sending a remote control request to a user in the process of in-meeting screen sharing. This could allow meeting participants to be targeted for social engineering attacks.
- CVE-2021-34420Nov 11, 2021risk 0.00cvss —epss 0.00
The Zoom Client for Meetings for Windows installer before version 5.5.4 does not properly verify the signature of files with .msi, .ps1, and .bat extensions. This could lead to a malicious actor installing malicious software on a customer’s computer.
- CVE-2021-34421Nov 11, 2021risk 0.00cvss —epss 0.01
The Keybase Client for Android before version 5.8.0 and the Keybase Client for iOS before version 5.8.0 fails to properly remove exploded messages initiated by a user if the receiving user places the chat session in the background while the sending user explodes the messages.…
- CVE-2021-34422Nov 11, 2021risk 0.00cvss —epss 0.01
The Keybase Client for Windows before version 5.7.0 contains a path traversal vulnerability when checking the name of a file uploaded to a team folder. A malicious user could upload a file to a shared folder with a specially crafted file name which could allow a user to execute…
- CVE-2021-34413Sep 27, 2021risk 0.00cvss —epss 0.01
All versions of the Zoom Plugin for Microsoft Outlook for MacOS before 5.3.52553.0918 contain a Time-of-check Time-of-use (TOC/TOU) vulnerability during the plugin installation process. This could allow a standard user to write their own malicious application to the plugin…
- CVE-2021-34416Sep 27, 2021risk 0.00cvss —epss 0.02
The network address administrative settings web portal for the Zoom on-premise Meeting Connector before version 4.6.360.20210325, Zoom on-premise Meeting Connector MMR before version 4.6.360.20210325, Zoom on-premise Recording Connector before version 3.8.44.20210326, Zoom…
- CVE-2021-34415Sep 27, 2021risk 0.00cvss —epss 0.01
The Zone Controller service in the Zoom On-Premise Meeting Connector Controller before version 4.6.358.20210205 does not verify the cnt field sent in incoming network packets, which leads to exhaustion of resources and system crash.
- CVE-2021-34414Sep 27, 2021risk 0.00cvss —epss 0.02
The network proxy page on the web portal for the Zoom on-premise Meeting Connector Controller before version 4.6.348.20201217, Zoom on-premise Meeting Connector MMR before version 4.6.348.20201217, Zoom on-premise Recording Connector before version 3.8.42.20200905, Zoom…
- CVE-2021-34412Sep 27, 2021risk 0.00cvss —epss 0.00
During the installation process for all versions of the Zoom Client for Meetings for Windows before 5.4.0, it is possible to launch Internet Explorer. If the installer was launched with elevated privileges such as by SCCM this can result in a local privilege escalation.
- CVE-2021-34411Sep 27, 2021risk 0.00cvss —epss 0.00
During the installation process forZoom Rooms for Conference Room for Windows before version 5.3.0 it is possible to launch Internet Explorer with elevated privileges. If the installer was launched with elevated privileges such as by SCCM this can result in a local privilege…
- CVE-2021-34410Sep 27, 2021risk 0.00cvss —epss 0.00
A user-writable application bundle unpacked during the install for all versions of the Zoom Plugin for Microsoft Outlook for Mac before 5.0.25611.0521 allows for privilege escalation to root.
- CVE-2021-34409Sep 27, 2021risk 0.00cvss —epss 0.00
It was discovered that the installation packages of the Zoom Client for Meetings for MacOS (Standard and for IT Admin) installation before version 5.2.0, Zoom Client Plugin for Sharing iPhone/iPad before version 5.2.0, and Zoom Rooms for Conference before version 5.1.0, copy…
- CVE-2021-34408Sep 27, 2021risk 0.00cvss —epss 0.00
The Zoom Client for Meetings for Windows in all versions before version 5.3.2 writes log files to a user writable directory as a privileged user during the installation or update of the client. This could allow for potential privilege escalation if a link was created between the…
- CVE-2021-33907Sep 27, 2021risk 0.00cvss —epss 0.03
The Zoom Client for Meetings for Windows in all versions before 5.3.0 fails to properly validate the certificate information used to sign .msi files when performing an update of the client. This could lead to remote code execution in an elevated privileged context.
- CVE-2021-28133Mar 18, 2021risk 0.00cvss —epss 0.16
Zoom through 5.5.4 sometimes allows attackers to read private information on a participant's screen, even though the participant never attempted to share the private part of their screen. When a user shares a specific application window via the Share Screen functionality, other…
- CVE-2020-9767Aug 14, 2020risk 0.00cvss —epss 0.01
A vulnerability related to Dynamic-link Library (“DLL”) loading in the Zoom Sharing Service would allow an attacker who had local access to a machine on which the service was running with elevated privileges to elevate their system privileges as well through use of a…
- CVE-2020-6110Jun 8, 2020risk 0.00cvss —epss 0.04
An exploitable partial path traversal vulnerability exists in the way Zoom Client version 4.6.10 processes messages including shared code snippets. A specially crafted chat message can cause an arbitrary binary planting which could be abused to achieve arbitrary code execution.…
- CVE-2020-6109Jun 8, 2020risk 0.00cvss —epss 0.05
An exploitable path traversal vulnerability exists in the Zoom client, version 4.6.10 processes messages including animated GIFs. A specially crafted chat message can cause an arbitrary file write, which could potentially be abused to achieve arbitrary code execution. An…
- CVE-2020-11443May 4, 2020risk 0.00cvss —epss 0.02
The Zoom IT installer for Windows (ZoomInstallerFull.msi) prior to version 4.6.10 deletes files located in %APPDATA%\Zoom before installing an updated version of the client. Standard users are able to write to this directory, and can write links to other directories on the…
- CVE-2020-11876Apr 17, 2020risk 0.00cvss —epss 0.02
airhost.exe in Zoom Client for Meetings 4.6.11 uses the SHA-256 hash of 0123425234234fsdfsdr3242 for initialization of an OpenSSL EVP AES-256 CBC context. NOTE: the vendor states that this initialization only occurs within unreachable code
- CVE-2020-11877Apr 17, 2020risk 0.00cvss —epss 0.02
airhost.exe in Zoom Client for Meetings 4.6.11 uses 3423423432325249 as the Initialization Vector (IV) for AES-256 CBC encryption. NOTE: the vendor states that this IV is used only within unreachable code
- CVE-2020-11500Apr 3, 2020risk 0.00cvss —epss 0.01
Zoom Client for Meetings through 4.6.9 uses the ECB mode of AES for video and audio encryption. Within a meeting, all participants use a single 128-bit key.
- CVE-2020-11469Apr 1, 2020risk 0.00cvss —epss 0.00
Zoom Client for Meetings through 4.6.8 on macOS copies runwithroot to a user-writable temporary directory during installation, which allows a local process (with the user's privileges) to obtain root access by replacing runwithroot.
- CVE-2020-11470Apr 1, 2020risk 0.00cvss —epss 0.00
Zoom Client for Meetings through 4.6.8 on macOS has the disable-library-validation entitlement, which allows a local process (with the user's privileges) to obtain unprompted microphone and camera access by loading a crafted library and thereby inheriting Zoom Client's…
- CVE-2019-13567Jul 12, 2019risk 0.00cvss —epss 0.04
The Zoom Client before 4.4.53932.0709 on macOS allows remote code execution, a different vulnerability than CVE-2019-13450. If the ZoomOpener daemon (aka the hidden web server) is running, but the Zoom Client is not installed or can't be opened, an attacker can remotely execute…
- CVE-2019-13450Jul 9, 2019risk 0.00cvss —epss 0.03
In the Zoom Client through 4.4.4 and RingCentral 7.0.136380.0312 on macOS, remote attackers can force a user to join a video call with the video camera active. This occurs because any web site can interact with the Zoom web server on localhost port 19421 or 19424. NOTE: a…
- CVE-2019-13449Jul 9, 2019risk 0.00cvss —epss 0.02
In the Zoom Client before 4.4.2 on macOS, remote attackers can cause a denial of service (continual focus grabs) via a sequence of invalid launch?action=join&confno= requests to localhost port 19421.
- CVE-2018-15715Nov 30, 2018risk 0.00cvss —epss 0.03
Zoom clients on Windows (before version 4.1.34814.1119), Mac OS (before version 4.1.34801.1116), and Linux (2.4.129780.0915 and below) are vulnerable to unauthorized message processing. A remote unauthenticated attacker can spoof UDP messages from a meeting attendee or Zoom…
- CVE-2014-5811Sep 9, 2014risk 0.00cvss —epss 0.00
The ZOOM Cloud Meetings (aka us.zoom.videomeetings) application @7F060008 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
- CVE-2004-0680Aug 6, 2004risk 0.00cvss —epss 0.04
Zoom X3 ADSL modem has a terminal running on port 254 that can be accessed using the default HTML management password, even if the password has been changed for the HTTP interface, which could allow remote attackers to gain unauthorized access.
Page 5 of 5