CVE-2023-43586

7.3HIGH

Key Information

Status
Zoom Desktop Client for Windows, Zoom VDI Client for Windows and Zoom SDKs for Windows
Vendor
CVE Published:
13 December 2023

Summary

Path traversal in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom SDKs for Windows may allow an authenticated user to conduct an escalation of privilege via network access.

Affected Version(s)

Zoom Desktop Client for Windows, Zoom VDI Client for Windows and Zoom SDKs for Windows = See references

Refferences

CVSS V3.1

Score:
7.3
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
High
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD DatabaseMitre Database
.