Improper Input Validation in Zoom Desktop Client for Linux
CVE-2023-39208

7.5HIGH

Key Information:

Vendor: Zoom Video Communications, Inc.
Status: Zoom Desktop Client For Linux
Vendor: CVE Published:; 12 September 2023

Summary

An issue identified in Zoom Desktop Client for Linux prior to version 5.15.10 involves a flaw in input validation, which can be exploited by unauthenticated users to execute denial-of-service attacks through network access. This vulnerability poses significant risks to users, emphasizing the importance of maintaining updated software versions to safeguard against potential attacks.

Affected Version(s)

Zoom Desktop Client for Linux Linux before version 5.15.10

References

https://explore.zoom.us/en/trust/security/security-bulletin/

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 12, 2023
Vulnerability Reserved
Jul 25, 2023