Shodan
Vulnerabilities
Vulnerable Software
Zoom:  >> Virtual Desktop Infrastructure  >> 5.11.2  Security Vulnerabilities
CVE-2023-49647
Improper access control in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom SDKs for Windows before version 5.16.10 may allow an authenticated user to conduct an escalation of privilege via local access.
CVSS Score
8.8
EPSS Score
0.0
Published
2024-01-12
CVE-2023-49646
Improper authentication in some Zoom clients before version 5.16.5 may allow an authenticated user to conduct a denial of service via network access.
CVSS Score
6.4
EPSS Score
0.0
Published
2023-12-13
CVE-2023-43586
Path traversal in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom SDKs for Windows may allow an authenticated user to conduct an escalation of privilege via network access.
CVSS Score
7.3
EPSS Score
0.001
Published
2023-12-13
CVE-2023-43582
Improper authorization in some Zoom clients may allow an authorized user to conduct an escalation of privilege via network access.
CVSS Score
5.5
EPSS Score
0.002
Published
2023-11-15
CVE-2023-43588
Insufficient control flow management in some Zoom clients may allow an authenticated user to conduct an information disclosure via network access.
CVSS Score
3.5
EPSS Score
0.004
Published
2023-11-15
CVE-2023-39206
Buffer overflow in some Zoom clients may allow an unauthenticated user to conduct a denial of service via network access.
CVSS Score
3.7
EPSS Score
0.003
Published
2023-11-14
CVE-2023-39199
Cryptographic issues with In-Meeting Chat for some Zoom clients may allow a privileged user to conduct an information disclosure via network access.
CVSS Score
4.9
EPSS Score
0.001
Published
2023-11-14
CVE-2023-39202
Untrusted search path in Zoom Rooms Client for Windows and Zoom VDI Client may allow a privileged user to conduct a denial of service via local access.
CVSS Score
3.1
EPSS Score
0.0
Published
2023-11-14
CVE-2023-39203
Uncontrolled resource consumption in Zoom Team Chat for Zoom Desktop Client for Windows and Zoom VDI Client may allow an unauthenticated user to conduct a disclosure of information via network access.
CVSS Score
4.3
EPSS Score
0.002
Published
2023-11-14
CVE-2023-39204
Buffer overflow in some Zoom clients may allow an unauthenticated user to conduct a denial of service via network access.
CVSS Score
4.3
EPSS Score
0.003
Published
2023-11-14


Products
Pricing
Contact Us

Shodan ® - All rights reserved