Zoom Rooms vulnerabilities
107 known vulnerabilities affecting zoom/rooms.
Total CVEs
107
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH56MEDIUM49LOW1
Vulnerabilities
Page 6 of 6
CVE-2023-39212P4MEDIUMCVSS 5.5fixed in 5.15.52023-08-08
CVE-2023-39212 [MEDIUM] CWE-144 CVE-2023-39212: Untrusted search path in Zoom Rooms for Windows before version 5.15.5 may allow an authenticated us
Untrusted search path in Zoom Rooms for Windows before version 5.15.5 may allow an authenticated user to enable a denial of service via local access.
nvd
CVE-2024-24698P4MEDIUMCVSS 4.4fixed in 5.17.02024-02-14
CVE-2024-24698 [MEDIUM] CWE-449 CVE-2024-24698: Improper authentication in some Zoom clients may allow a privileged user to conduct a disclosure of
Improper authentication in some Zoom clients may allow a privileged user to conduct a disclosure of information via local access.
nvd
CVE-2023-39202P4MEDIUMCVSS 5.5fixed in 5.16.02023-11-14
CVE-2023-39202 [MEDIUM] CWE-426 CVE-2023-39202: Untrusted search path in Zoom Rooms Client for Windows and Zoom VDI Client may allow a privileged us
Untrusted search path in Zoom Rooms Client for Windows and Zoom VDI Client may allow a privileged user to conduct a denial of service via local access.
nvd
CVE-2025-0146P4MEDIUMCVSS 5.0fixed in 6.2.102025-01-30
CVE-2025-0146 [MEDIUM] CWE-59 CVE-2025-0146: Symlink following in the installer for Zoom Workplace App for macOS before 6.2.10 may allow an authe
Symlink following in the installer for Zoom Workplace App for macOS before 6.2.10 may allow an authenticated user to conduct a denial of service via local access.
nvd
CVE-2024-24692P4MEDIUMCVSS 4.7fixed in 5.17.52024-03-13
CVE-2024-24692 [MEDIUM] CWE-367 CVE-2024-24692: Race condition in the installer for Zoom Rooms Client for Windows before version 5.17.5 may allow an
Race condition in the installer for Zoom Rooms Client for Windows before version 5.17.5 may allow an authenticated user to conduct a denial of service via local access.
nvd
CVE-2024-39821P4MEDIUMCVSS 4.4fixed in 6.0.62024-07-15
CVE-2024-39821 [MEDIUM] CWE-367 CVE-2024-39821: Race condition in the installer for Zoom Workplace App for Windows and Zoom Rooms App for Windows ma
Race condition in the installer for Zoom Workplace App for Windows and Zoom Rooms App for Windows may allow an authenticated user to conduct a denial of service via local access.
nvd
CVE-2022-28764P4LOWCVSS 3.3fixed in 5.12.62022-11-14
CVE-2022-28764 [LOW] CWE-200 CVE-2022-28764: The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.12.6 is
The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.12.6 is susceptible to a local information exposure vulnerability. A failure to clear data from a local SQL database after a meeting ends and the usage of an insufficiently secure per-device key encrypting that database results in a local malicious user being abl
nvd
← Previous6 / 6