Denial of Service in Zoom Clients
CVE-2023-22882
7.5HIGH
Key Information
- Vendor
- Zoom
- Status
- Zoom (for Android, iOS, Linux, macOS, and Windows) clients before version 5.13.5
- Vendor
- CVE Published:
- 16 March 2023
Summary
Zoom clients before version 5.13.5 contain a STUN parsing vulnerability. A malicious actor could send specially crafted UDP traffic to a victim Zoom client to remotely cause the client to crash, causing a denial of service.
Affected Version(s)
Zoom (for Android, iOS, Linux, macOS, and Windows) clients before version 5.13.5 < 5.13.5
References
CVSS V3.1
Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Collectors
NVD DatabaseMitre Database