CVE-2023-34115

4.3MEDIUM

Key Information:

Vendor: Zoom Video Communications, Inc.
Status: Zoom Meeting Sdk
Vendor: CVE Published:; 13 June 2023

Summary

Buffer copy without checking size of input in Zoom Meeting SDK before 5.13.0 may allow an authenticated user to potentially enable a denial of service via local access. This issue may result in the Zoom Meeting SDK to crash and need to be restarted.

Affected Version(s)

Zoom Meeting SDK before 5.13.0

References

https://explore.zoom.us/en/trust/security/security-bulletin/

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Jun 13, 2023
Vulnerability Reserved
May 25, 2023