Unauthenticated Denial of Service Vulnerability in Zoom Apps
CVE-2024-45422

7.5HIGH

Key Information:

Vendor: Zoom
Status: Zoom Workplace Apps, Sdks, Rooms Clients, And Rooms Controllers
Vendor: CVE Published:; 19 November 2024

What is CVE-2024-45422?

A vulnerability exists in Zoom Apps prior to version 6.2.0 due to improper input validation, allowing an unauthenticated user to exploit the flaw. This exploitation could lead to a denial of service, disrupting normal operations and potentially affecting user access to the application. Organizations using these apps should promptly update to the latest version to mitigate this risk.

Affected Version(s)

Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers Windows see references

References

https://www.zoom.com/en/trust/security-bulletin/zsb-24044

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 19, 2024
Vulnerability Reserved
Aug 28, 2024