Vulnerability Details CVE-2022-28750
Zoom On-Premise Meeting Connector Zone Controller (ZC) before version 4.8.20220419.112 fails to properly parse STUN error codes, which can result in memory corruption and could allow a malicious actor to crash the application. In versions older than 4.8.12.20211115, this vulnerability could also be leveraged to execute arbitrary code.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 67.9%
CVSS Severity
CVSS v3 Score 7.5
References
Products affected by CVE-2022-28750
-
cpe:2.3:a:zoom:meeting_connector:1.0.23635.0520
-
cpe:2.3:a:zoom:meeting_connector:1.0.23635.0911
-
cpe:2.3:a:zoom:meeting_connector:1.0.31398.1104
-
cpe:2.3:a:zoom:meeting_connector:1.0.34775.1213
-
cpe:2.3:a:zoom:meeting_connector:2.5.863.0609
-
cpe:2.3:a:zoom:meeting_connector:3.6.43993.0312
-
cpe:2.3:a:zoom:meeting_connector:4.0.74356.1206
-
cpe:2.3:a:zoom:meeting_connector:4.3.114891.1123
-
cpe:2.3:a:zoom:meeting_connector:4.3.134251.1029
-
cpe:2.3:a:zoom:meeting_connector:4.3.36476.0327
-
cpe:2.3:a:zoom:meeting_connector:4.3.98838.1114
-
cpe:2.3:a:zoom:meeting_connector:4.5.201900.0926
-
cpe:2.3:a:zoom:meeting_connector:4.5.546.20200116
-
cpe:2.3:a:zoom:meeting_connector:4.6.148.20200430
-
cpe:2.3:a:zoom:meeting_connector:4.6.159.20200505
-
cpe:2.3:a:zoom:meeting_connector:4.6.239.20200613
-
cpe:2.3:a:zoom:meeting_connector:4.6.327.20200724
-
cpe:2.3:a:zoom:meeting_connector:4.6.348.20201217
-
cpe:2.3:a:zoom:meeting_connector:4.6.358.20210205
-
cpe:2.3:a:zoom:meeting_connector:4.6.360.20210325
-
cpe:2.3:a:zoom:meeting_connector:4.6.363.20210429
-
cpe:2.3:a:zoom:meeting_connector:4.6.365.20210703
-
cpe:2.3:a:zoom:meeting_connector:4.7.1071.20210817
-
cpe:2.3:a:zoom:meeting_connector:4.7.1072.20210826