CVE-2023-34121
CVE-2023-34121
In short
Zoom's Windows client versions before 5.14.0 don't properly check user input, which could let a logged-in user gain higher privileges on the system through a network connection.
Technical detail
CWE-79 input validation flaw in Zoom Windows/Rooms/VDI clients <5.14.0 allows authenticated network-based privilege escalation; requires valid user credentials and network access to the vulnerable client.
Summary generated and translated by AI from the official description.
Improper input validation in the Zoom for Windows, Zoom Rooms, Zoom VDI Windows Meeting clients before 5.14.0 may allow an authenticated user to potentially enable an escalation of privilege via network access.
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:N/A:N
Affected products
Zoom Video Communications, Inc. · Zoom for WindowsZoom Video Communications, Inc. · Zoom Rooms Client for WindowsZoomZoom Video Communications, Inc. · Zoom VDI for Windows Meeting ClientsWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →