CVE-2023-39203
CVE-2023-39203
In short
Zoom Team Chat on Windows can be made to consume excessive resources by an unauthenticated attacker over the network, potentially leading to information disclosure. This could allow someone to crash the application or extract sensitive data without logging in.
Technical detail
An unauthenticated attacker can send crafted network packets to the Zoom Team Chat service (CWE-789: uncontrolled resource consumption) on Windows and VDI clients, causing resource exhaustion. This resource depletion may enable information disclosure through side-channel effects or denial of service conditions.
Summary generated and translated by AI from the official description.
Uncontrolled resource consumption in Zoom Team Chat for Zoom Desktop Client for Windows and Zoom VDI Client may allow an unauthenticated user to conduct a disclosure of information via network access.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Affected products
Zoom Video Communications, Inc. · Zoom Rooms Client for Windows and Zoom VDI ClientWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →