CVE-2023-36534
CVE-2023-36534
In short
The Zoom Desktop Client for Windows has a flaw that allows someone on the network to bypass security protections and gain higher privileges on your computer without needing a password. This could let attackers take control of your system.
Technical detail
Path traversal vulnerability in Zoom Desktop Client for Windows prior to version 5.14.7 permits unauthenticated remote attackers to manipulate file paths via network access, enabling privilege escalation. The vulnerability requires network-level access but no prior authentication, resulting in potential arbitrary code execution or system compromise.
Summary generated and translated by AI from the official description.
Path traversal in Zoom Desktop Client for Windows before 5.14.7 may allow an unauthenticated user to enable an escalation of privilege via network access.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:H
Affected products
Zoom Video Communications, Inc. · Zoom Desktop Client for WindowsWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →