Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Rooms
(Zoom)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 60 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2025-02-25 | CVE-2024-45421 | Buffer overflow in some Zoom Apps may allow an authenticated user to conduct an escalation of privilege via network access. | Meeting_software_development_kit, Rooms, Rooms_controller, Video_software_development_kit, Workplace, Workplace_desktop, Workplace_virtual_desktop_infrastructure | 8.8 | ||
| 2025-02-25 | CVE-2024-45424 | Business logic error in some Zoom Workplace Apps may allow an unauthenticated user to conduct a disclosure of information via network access. | Meeting_software_development_kit, Rooms, Rooms_controller, Workplace, Workplace_desktop, Workplace_virtual_desktop_infrastructure | 7.5 | ||
| 2025-02-25 | CVE-2024-45425 | Incorrect user management in some Zoom Workplace Apps may allow a privileged user to conduct an information disclosure via network access. | Meeting_software_development_kit, Rooms, Rooms_controller, Workplace, Workplace_desktop, Workplace_virtual_desktop_infrastructure | 6.5 | ||
| 2025-02-25 | CVE-2024-45417 | Uncontrolled resource consumption in the installer for some Zoom apps for macOS before version 6.1.5 may allow a privileged user to conduct a disclosure of information via local access. | Meeting_software_development_kit, Rooms, Video_software_development_kit, Workplace_desktop | 5.5 | ||
| 2025-02-25 | CVE-2024-45418 | Symlink following in the installer for some Zoom apps for macOS before version 6.1.5 may allow an authenticated user to conduct an escalation of privilege via network access. | Meeting_software_development_kit, Rooms, Video_software_development_kit, Workplace_desktop | 8.8 | ||
| 2025-02-25 | CVE-2024-45426 | Incorrect ownership assignment in some Zoom Workplace Apps may allow a privileged user to conduct an information disclosure via network access. | Meeting_software_development_kit, Rooms, Rooms_controller, Workplace, Workplace_desktop, Workplace_virtual_desktop_infrastructure | 6.5 | ||
| 2023-03-27 | CVE-2023-28597 | Zoom clients prior to 5.13.5 contain an improper trust boundary implementation vulnerability. If a victim saves a local recording to an SMB location and later opens it using a link from Zoom’s web portal, an attacker positioned on an adjacent network to the victim client could set up a malicious SMB server to respond to client requests, causing the client to execute attacker controlled executables. This could result in an attacker gaining access to a user's device and data, and remote code execution. | Rooms, Virtual_desktop_infrastructure, Zoom | 7.5 | ||
| 2021-09-27 | CVE-2021-34409 | It was discovered that the installation packages of the Zoom Client for Meetings for MacOS (Standard and for IT Admin) installation before version 5.2.0, Zoom Client Plugin for Sharing iPhone/iPad before version 5.2.0, and Zoom Rooms for Conference before version 5.1.0, copy pre- and post- installation shell scripts to a user-writable directory. In the affected products listed below, a malicious actor with local access to a user's machine could use this flaw to potentially run arbitrary... | Meetings, Rooms, Screen_sharing | 7.8 | ||
| 2021-09-27 | CVE-2021-34411 | During the installation process forZoom Rooms for Conference Room for Windows before version 5.3.0 it is possible to launch Internet Explorer with elevated privileges. If the installer was launched with elevated privileges such as by SCCM this can result in a local privilege escalation. | Rooms | 7.8 | ||
| 2022-05-18 | CVE-2022-22786 | The Zoom Client for Meetings for Windows before version 5.10.0 and Zoom Rooms for Conference Room for Windows before version 5.10.0, fails to properly check the installation version during the update process. This issue could be used in a more sophisticated attack to trick a user into downgrading their Zoom client to a less secure version. | Meetings, Rooms | 8.8 |