Cryptographic Issues in Zoom Mobile App for Android and iOS
CVE-2023-43583

4.9MEDIUM

Key Information:

Vendor: Zoom Video Communications, Inc.
Status: Zoom Mobile App For Android, Zoom Mobile App For iOS And Zoom Sdk
Vendor: CVE Published:; 13 December 2023

Summary

Cryptographic flaws in the Zoom Mobile App for Android and iOS and the corresponding SDKs prior to version 5.16.0 may expose sensitive information to a privileged user via network access. This vulnerability highlights the importance of implementing robust encryption protocols to protect user data from unauthorized access. Users of affected versions should prioritize upgrading their applications to the latest version to mitigate potential risks.

Affected Version(s)

Zoom Mobile App for Android, Zoom Mobile App for iOS and Zoom SDK Android before 5.16.0

References

https://www.zoom.com/en/trust/security-bulletin/ZSB-23056/

CVSS V3.1

Score:

4.9

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 13, 2023
Vulnerability Reserved
Sep 19, 2023