Vulnerability · NVD

CVE-2023-34121

MEDIUM 4.1 Published on 2023-06-13

Improper input validation in the Zoom for Windows, Zoom Rooms, Zoom VDI Windows Meeting clients before 5.14.0 may allow an authenticated user to potentially enable an escalation of privilege via network access.

Attack vector : Network

Show raw CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:N/A:N

EPSS 0.53% above median percentile 67.5%

Tracked apps referencing this CVE

For each app: the affected range, the fixing version, and where the tracked app stands today.

Zoom Workplace Windows winget:Zoom.Zoom

Affected <5.14.0 Fixed in 5.14.0 Latest tracked 7.0.38856 patched

Vulnerable CPE configurations (1)

Vendor	Product	Platform	Versions	CPE 2.3 URI
zoom	zoom Windows	Windows	<5.14.0	cpe:2.3:a:zoom:zoom::::::windows::*

View on NVD ↗