Denial of Service Vulnerability in Zoom Rooms Client and Zoom VDI Client
CVE-2023-39202

3.1LOW

Key Information:

Vendor: Zoom Video Communications, Inc.
Status: Zoom Rooms Client For Windows And Zoom Vdi Client
Vendor: CVE Published:; 14 November 2023

Summary

The Zoom Rooms Client for Windows and Zoom VDI Client contain a vulnerability that can be exploited through an untrusted search path. A privileged user with local access may utilize this vulnerability to trigger a denial of service, leading to interruptions in service. This poses a significant risk to operational continuity when using these applications in various environments.

Affected Version(s)

Zoom Rooms Client for Windows and Zoom VDI Client Windows see references

References

https://explore.zoom.us/en/trust/security/security-bulletin/

CVSS V3.1

Score:

3.1

Severity:

LOW

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Nov 14, 2023
Vulnerability Reserved
Jul 25, 2023