Vulnerability Details CVE-2018-15715
Zoom clients on Windows (before version 4.1.34814.1119), Mac OS (before version 4.1.34801.1116), and Linux (2.4.129780.0915 and below) are vulnerable to unauthorized message processing. A remote unauthenticated attacker can spoof UDP messages from a meeting attendee or Zoom server in order to invoke functionality in the target client. This allows the attacker to remove attendees from meetings, spoof messages from users, or hijack shared screens.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.018
EPSS Ranking 81.8%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
Products affected by CVE-2018-15715
-
cpe:2.3:a:zoom:zoom:0.9.10042.0911
-
cpe:2.3:a:zoom:zoom:0.9.10894.0925
-
cpe:2.3:a:zoom:zoom:0.9.11127.0928
-
cpe:2.3:a:zoom:zoom:0.92.12362.1030
-
cpe:2.3:a:zoom:zoom:0.92.12606.1105
-
cpe:2.3:a:zoom:zoom:0.92.13003.1113
-
cpe:2.3:a:zoom:zoom:1.0.17717.0126
-
cpe:2.3:a:zoom:zoom:1.0.17722.0126
-
cpe:2.3:a:zoom:zoom:1.0.18174.0205
-
cpe:2.3:a:zoom:zoom:1.0.18176.0205
-
cpe:2.3:a:zoom:zoom:1.0.18485.0222
-
cpe:2.3:a:zoom:zoom:1.0.18490.0222
-
cpe:2.3:a:zoom:zoom:1.0.18584.0225
-
cpe:2.3:a:zoom:zoom:1.0.18953.0305
-
cpe:2.3:a:zoom:zoom:1.0.19767.0322
-
cpe:2.3:a:zoom:zoom:1.0.19784.0322
-
cpe:2.3:a:zoom:zoom:1.0.22331.0731
-
cpe:2.3:a:zoom:zoom:1.1.26956.0918
-
cpe:2.3:a:zoom:zoom:1.1.32904.1120
-
cpe:2.3:a:zoom:zoom:1.1.33228.1124
-
cpe:2.3:a:zoom:zoom:1.1.37479.0107
-
cpe:2.3:a:zoom:zoom:1.1.38634.0127
-
cpe:2.3:a:zoom:zoom:1.1.44485.0317
-
cpe:2.3:a:zoom:zoom:2.0.106600.0904
-
cpe:2.3:a:zoom:zoom:2.0.115900.1201
-
cpe:2.3:a:zoom:zoom:2.0.123086.0330
-
cpe:2.3:a:zoom:zoom:2.0.123200.0405
-
cpe:2.3:a:zoom:zoom:2.0.24227.0531
-
cpe:2.3:a:zoom:zoom:2.0.24230.0531
-
cpe:2.3:a:zoom:zoom:2.0.24278.0602
-
cpe:2.3:a:zoom:zoom:2.0.24622.0608
-
cpe:2.3:a:zoom:zoom:2.0.24636.0609
-
cpe:2.3:a:zoom:zoom:2.0.26494.0729
-
cpe:2.3:a:zoom:zoom:2.0.26498.0729
-
cpe:2.3:a:zoom:zoom:2.0.26542.0730
-
cpe:2.3:a:zoom:zoom:2.0.27327.0826
-
cpe:2.3:a:zoom:zoom:2.0.27343.0826
-
cpe:2.3:a:zoom:zoom:2.0.28860.0927
-
cpe:2.3:a:zoom:zoom:2.0.30025.1017
-
cpe:2.3:a:zoom:zoom:2.0.31403.1104
-
cpe:2.3:a:zoom:zoom:2.0.49177.0430
-
cpe:2.3:a:zoom:zoom:2.0.52458.0531
-
cpe:2.3:a:zoom:zoom:2.0.57232.0713
-
cpe:2.3:a:zoom:zoom:2.0.63547.0830
-
cpe:2.3:a:zoom:zoom:2.0.70790.1031
-
cpe:2.3:a:zoom:zoom:2.0.75971.1216
-
cpe:2.3:a:zoom:zoom:2.0.81497.1116
-
cpe:2.3:a:zoom:zoom:2.0.87130.0317
-
cpe:2.3:a:zoom:zoom:2.0.89826.0417
-
cpe:2.3:a:zoom:zoom:2.0.91373.0502
-
cpe:2.3:a:zoom:zoom:2.0.98253.0707
-
cpe:2.3:a:zoom:zoom:2.1.103753.0521
-
cpe:2.3:a:zoom:zoom:2.2.128100.0627
-
cpe:2.3:a:zoom:zoom:2.2.128200.0702
-
cpe:2.3:a:zoom:zoom:2.3.128305.0716
-
cpe:2.3:a:zoom:zoom:2.4.121350.0816
-
cpe:2.3:a:zoom:zoom:2.4.129780.0915
-
cpe:2.3:a:zoom:zoom:2.5.34797.1213
-
cpe:2.3:a:zoom:zoom:2.5.34803.1214
-
cpe:2.3:a:zoom:zoom:2.5.34846.1216
-
cpe:2.3:a:zoom:zoom:2.5.35125.1230
-
cpe:2.3:a:zoom:zoom:2.5.35132.1230
-
cpe:2.3:a:zoom:zoom:2.5.35230.0103
-
cpe:2.3:a:zoom:zoom:2.5.35232.0103
-
cpe:2.3:a:zoom:zoom:2.5.40060.0120
-
cpe:2.3:a:zoom:zoom:2.5.40199.0303
-
cpe:2.3:a:zoom:zoom:2.5.40202.0303
-
cpe:2.3:a:zoom:zoom:2.5.40309.0317
-
cpe:2.3:a:zoom:zoom:2.5.40309.0319
-
cpe:2.3:a:zoom:zoom:2.5.40419.0328
-
cpe:2.3:a:zoom:zoom:2.5.40422.0328
-
cpe:2.3:a:zoom:zoom:2.5.40542.0410
-
cpe:2.3:a:zoom:zoom:2.5.40960.0704
-
cpe:2.3:a:zoom:zoom:2.5.40961.0701
-
cpe:2.3:a:zoom:zoom:3.0.45578.0809
-
cpe:2.3:a:zoom:zoom:3.0.45579.0809
-
cpe:2.3:a:zoom:zoom:3.0.45732.0815
-
cpe:2.3:a:zoom:zoom:3.0.45740.0815
-
cpe:2.3:a:zoom:zoom:3.0.46200.0828
-
cpe:2.3:a:zoom:zoom:3.0.46236.0829
-
cpe:2.3:a:zoom:zoom:3.0.46609.0915
-
cpe:2.3:a:zoom:zoom:3.0.46825.0919
-
cpe:2.3:a:zoom:zoom:3.0.46828.0919
-
cpe:2.3:a:zoom:zoom:3.0.46995.0924
-
cpe:2.3:a:zoom:zoom:3.0.47212.0929
-
cpe:2.3:a:zoom:zoom:3.0.47216.0929
-
cpe:2.3:a:zoom:zoom:3.0.47252.0930
-
cpe:2.3:a:zoom:zoom:3.0.47858.1017
-
cpe:2.3:a:zoom:zoom:3.0.48197.1024
-
cpe:2.3:a:zoom:zoom:3.0.48496.1031
-
cpe:2.3:a:zoom:zoom:3.0.48498.1031
-
cpe:2.3:a:zoom:zoom:3.0.48880.1117
-
cpe:2.3:a:zoom:zoom:3.0.48882.1117
-
cpe:2.3:a:zoom:zoom:3.0.49042.1203
-
cpe:2.3:a:zoom:zoom:3.5.10908.0316
-
cpe:2.3:a:zoom:zoom:3.5.11029.0317
-
cpe:2.3:a:zoom:zoom:3.5.11039.0317
-
cpe:2.3:a:zoom:zoom:3.5.12650.0403
-
cpe:2.3:a:zoom:zoom:3.5.12706.0403
-
cpe:2.3:a:zoom:zoom:3.5.131222.0413
-
cpe:2.3:a:zoom:zoom:3.5.13132.0410
-
cpe:2.3:a:zoom:zoom:3.5.13222.0413
-
cpe:2.3:a:zoom:zoom:3.5.13678.0417
-
cpe:2.3:a:zoom:zoom:3.5.14582.0427
-
cpe:2.3:a:zoom:zoom:3.5.14934.0430
-
cpe:2.3:a:zoom:zoom:3.5.14940.0430
-
cpe:2.3:a:zoom:zoom:3.5.15506.0508
-
cpe:2.3:a:zoom:zoom:3.5.16903.0522
-
cpe:2.3:a:zoom:zoom:3.5.17994.0608
-
cpe:2.3:a:zoom:zoom:3.5.19597.0626
-
cpe:2.3:a:zoom:zoom:3.5.19689.0629
-
cpe:2.3:a:zoom:zoom:3.5.19869.0701
-
cpe:2.3:a:zoom:zoom:3.5.19877.0701
-
cpe:2.3:a:zoom:zoom:3.5.20913.0716
-
cpe:2.3:a:zoom:zoom:3.5.21228.0720
-
cpe:2.3:a:zoom:zoom:3.5.21488.0723
-
cpe:2.3:a:zoom:zoom:3.5.22132.0730
-
cpe:2.3:a:zoom:zoom:3.5.24604.0824
-
cpe:2.3:a:zoom:zoom:3.5.27094.0918
-
cpe:2.3:a:zoom:zoom:3.5.27255.0921
-
cpe:2.3:a:zoom:zoom:3.5.27322.0922
-
cpe:2.3:a:zoom:zoom:3.5.27367.0922
-
cpe:2.3:a:zoom:zoom:3.5.31087.1102
-
cpe:2.3:a:zoom:zoom:3.5.33823.1130
-
cpe:2.3:a:zoom:zoom:3.5.33842.1130
-
cpe:2.3:a:zoom:zoom:3.5.37712.0111
-
cpe:2.3:a:zoom:zoom:3.5.40270.0205
-
cpe:2.3:a:zoom:zoom:3.5.44008.0314
-
cpe:2.3:a:zoom:zoom:3.5.44022.0314
-
cpe:2.3:a:zoom:zoom:3.5.44413.0317
-
cpe:2.3:a:zoom:zoom:3.5.44420.0317
-
cpe:2.3:a:zoom:zoom:3.5.44581.0318
-
cpe:2.3:a:zoom:zoom:3.5.45146.0318
-
cpe:2.3:a:zoom:zoom:3.5.45146.0324
-
cpe:2.3:a:zoom:zoom:3.5.47151.0412
-
cpe:2.3:a:zoom:zoom:3.5.47163.0412
-
cpe:2.3:a:zoom:zoom:3.5.48445.0422
-
cpe:2.3:a:zoom:zoom:3.5.48564.0425
-
cpe:2.3:a:zoom:zoom:3.5.49839.0509
-
cpe:2.3:a:zoom:zoom:3.5.49863.0509
-
cpe:2.3:a:zoom:zoom:3.5.53922.0613
-
cpe:2.3:a:zoom:zoom:3.5.53922.0620
-
cpe:2.3:a:zoom:zoom:3.5.56157.0701
-
cpe:2.3:a:zoom:zoom:3.5.56247.0704
-
cpe:2.3:a:zoom:zoom:3.5.56609.0707
-
cpe:2.3:a:zoom:zoom:3.5.57166.0713
-
cpe:2.3:a:zoom:zoom:3.5.6289.1226
-
cpe:2.3:a:zoom:zoom:3.5.6299.1228
-
cpe:2.3:a:zoom:zoom:3.5.63382.0829
-
cpe:2.3:a:zoom:zoom:3.5.63439.0829
-
cpe:2.3:a:zoom:zoom:3.5.63970.0901
-
cpe:2.3:a:zoom:zoom:3.5.63975.0901
-
cpe:2.3:a:zoom:zoom:3.5.6478.1231
-
cpe:2.3:a:zoom:zoom:3.5.64827.0908
-
cpe:2.3:a:zoom:zoom:3.5.64836.0908
-
cpe:2.3:a:zoom:zoom:3.5.6760.0109
-
cpe:2.3:a:zoom:zoom:3.5.7165.0116
-
cpe:2.3:a:zoom:zoom:3.5.7727.0123
-
cpe:2.3:a:zoom:zoom:3.5.7731.0123
-
cpe:2.3:a:zoom:zoom:3.5.8412.0202
-
cpe:2.3:a:zoom:zoom:3.5.9172.0212
-
cpe:2.3:a:zoom:zoom:3.5.9196.0212
-
cpe:2.3:a:zoom:zoom:3.6.10810.1031
-
cpe:2.3:a:zoom:zoom:3.6.10826.1101
-
cpe:2.3:a:zoom:zoom:3.6.11633.1109
-
cpe:2.3:a:zoom:zoom:3.6.11639.1109
-
cpe:2.3:a:zoom:zoom:3.6.12652.1121
-
cpe:2.3:a:zoom:zoom:3.6.13977.1202
-
cpe:2.3:a:zoom:zoom:3.6.17038.1226
-
cpe:2.3:a:zoom:zoom:3.6.17046.1226
-
cpe:2.3:a:zoom:zoom:3.6.17722.1229
-
cpe:2.3:a:zoom:zoom:3.6.17818.1230
-
cpe:2.3:a:zoom:zoom:4.0.21432.0116
-
cpe:2.3:a:zoom:zoom:4.0.21440.0116
-
cpe:2.3:a:zoom:zoom:4.0.21664.0117
-
cpe:2.3:a:zoom:zoom:4.0.22115.0123
-
cpe:2.3:a:zoom:zoom:4.0.22258.0125
-
cpe:2.3:a:zoom:zoom:4.0.22259.0125
-
cpe:2.3:a:zoom:zoom:4.0.25513.0228
-
cpe:2.3:a:zoom:zoom:4.0.25926.0306
-
cpe:2.3:a:zoom:zoom:4.0.25958.0306
-
cpe:2.3:a:zoom:zoom:4.0.29183.0407
-
cpe:2.3:a:zoom:zoom:4.0.29208.0410
-
cpe:2.3:a:zoom:zoom:4.0.29390.0411
-
cpe:2.3:a:zoom:zoom:4.0.29406.0411
-
cpe:2.3:a:zoom:zoom:4.0.29656.0413
-
cpe:2.3:a:zoom:zoom:4.0.35295.0605
-
cpe:2.3:a:zoom:zoom:4.0.36452.0616
-
cpe:2.3:a:zoom:zoom:4.0.36525.0619
-
cpe:2.3:a:zoom:zoom:4.0.38982.0714
-
cpe:2.3:a:zoom:zoom:4.1.10062.1016
-
cpe:2.3:a:zoom:zoom:4.1.11049.1024
-
cpe:2.3:a:zoom:zoom:4.1.16699.1208
-
cpe:2.3:a:zoom:zoom:4.1.16781.1211
-
cpe:2.3:a:zoom:zoom:4.1.17379.1218
-
cpe:2.3:a:zoom:zoom:4.1.18796.0103
-
cpe:2.3:a:zoom:zoom:4.1.18847.0104
-
cpe:2.3:a:zoom:zoom:4.1.19663.0122
-
cpe:2.3:a:zoom:zoom:4.1.19666.0122
-
cpe:2.3:a:zoom:zoom:4.1.20185.0205
-
cpe:2.3:a:zoom:zoom:4.1.20199.0205
-
cpe:2.3:a:zoom:zoom:4.1.20446.0209
-
cpe:2.3:a:zoom:zoom:4.1.23108.0402
-
cpe:2.3:a:zoom:zoom:4.1.23501.0416
-
cpe:2.3:a:zoom:zoom:4.1.24407.0507
-
cpe:2.3:a:zoom:zoom:4.1.24423.0507
-
cpe:2.3:a:zoom:zoom:4.1.24919.0512
-
cpe:2.3:a:zoom:zoom:4.1.24919.0521
-
cpe:2.3:a:zoom:zoom:4.1.25010.0522
-
cpe:2.3:a:zoom:zoom:4.1.25233.0525
-
cpe:2.3:a:zoom:zoom:4.1.27348.0625
-
cpe:2.3:a:zoom:zoom:4.1.27507.0627
-
cpe:2.3:a:zoom:zoom:4.1.27695.0702
-
cpe:2.3:a:zoom:zoom:4.1.27702.0702
-
cpe:2.3:a:zoom:zoom:4.1.28165.0716
-
cpe:2.3:a:zoom:zoom:4.1.28245.0717
-
cpe:2.3:a:zoom:zoom:4.1.30445.0820
-
cpe:2.3:a:zoom:zoom:4.1.30477.0820
-
cpe:2.3:a:zoom:zoom:4.1.30528.0821
-
cpe:2.3:a:zoom:zoom:4.1.31275.0831
-
cpe:2.3:a:zoom:zoom:4.1.33259.0925
-
cpe:2.3:a:zoom:zoom:4.1.34460.1105
-
cpe:2.3:a:zoom:zoom:4.1.34475.1105
-
cpe:2.3:a:zoom:zoom:4.1.34583.1107
-
cpe:2.3:a:zoom:zoom:4.1.8826.0925
-
cpe:2.3:a:zoom:zoom:4.1.9338.0929
-
cpe:2.3:a:zoom:zoom:4.1.9355.0929