CVE-2023-36534

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Aug 8, 2023

Updated: Aug 11, 2023

CWE ID 22

Summary

CVE-2023-36534 is a newly disclosed vulnerability affecting the Zoom Desktop Client for Windows prior to version 5.14.7. This issue involves a path traversal flaw that can be exploited by unauthenticated users over the network. Successful exploitation may allow the attacker to escalate their privileges and gain elevated access to the affected system. This vulnerability poses a significant risk and requires immediate attention from Zoom desktop clients users running older versions to apply the latest security patch.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Zoom Cloud Meetings

Affected Vendors

Zoom Video Communications, Inc

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sQ7e5c
https://www.cve.org/CVERecord?id=CVE-2023-36534
https://nvd.nist.gov/vuln/detail/CVE-2023-36534

Back to Vulnerability Database