CVE-2023-43588

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Nov 15, 2023

Updated: Nov 21, 2023

CWE ID 691

Summary

CVE-2023-43588 is a vulnerability affecting some Zoom clients that allows authenticated users to disclose information through insufficient control flow management. This issue can be exploited via network access, potentially leading to unintended data exposure. The exact nature of the information that can be disclosed and the specific Zoom clients impacted have not been detailed in the available information. Users are encouraged to apply the relevant patches to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Zoom Cloud Meetings
Zoom Virtual Desktop Infrastructure

Affected Vendors

Zoom Video Communications, Inc

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/svAght
https://www.cve.org/CVERecord?id=CVE-2023-43588
https://nvd.nist.gov/vuln/detail/CVE-2023-43588

Back to Vulnerability Database