CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-11470

Zoom Client for Meetings through 4.6.8 on macOS has the disable-library-validation entitlement, which allows a local process (with the user's privileges) to obtain unprompted microphone and camera access by loading a crafted library and thereby inheriting Zoom Client's microphone and camera access.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 22.5%

CVSS Severity

CVSS v3 Score 2.3

CVSS v2 Score 2.1

References

https://blog.zoom.us/wordpress/2020/04/01/a-message-to-our-users/
https://objective-see.com/blog/blog_0x56.html
https://blog.zoom.us/wordpress/2020/04/01/a-message-to-our-users/
https://objective-see.com/blog/blog_0x56.html

Products affected by CVE-2020-11470

Zoom » Meetings » Version: 4.6.8

cpe:2.3:a:zoom:meetings:4.6.8

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-11470

Products

Pricing

Contact Us