) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:zoom:rooms:5.12.6:*:*:*:*:iphone_os:*:*
- CPE Name Search: true
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2024-24699 |
Business logic error in some Zoom clients may allow an authenticated user to conduct information disclosure via network access. Published: February 13, 2024; 7:15:48 PM -0500 |
V4.0:(not available) V3.1: 6.5 MEDIUM V2.0:(not available) |
| CVE-2024-24697 |
Untrusted search path in some Zoom 32 bit Windows clients may allow an authenticated user to conduct an escalation of privilege via local access. Published: February 13, 2024; 7:15:47 PM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2024-24690 |
Improper input validation in some Zoom clients may allow an authenticated user to conduct a denial of service via network access. Published: February 13, 2024; 7:15:47 PM -0500 |
V4.0:(not available) V3.1: 6.5 MEDIUM V2.0:(not available) |
| CVE-2023-28597 |
Zoom clients prior to 5.13.5 contain an improper trust boundary implementation vulnerability. If a victim saves a local recording to an SMB location and later opens it using a link from Zoom’s web portal, an attacker positioned on an adjacent network to the victim client could set up a malicious SMB server to respond to client requests, causing the client to execute attacker controlled executables. This could result in an attacker gaining access to a user's device and data, and remote code execution. Published: March 27, 2023; 5:15:12 PM -0400 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |