CVE-2023-39204

CVSS 4.3 MEDIUMEPSS 1.1%CWE-120

In short

A buffer overflow vulnerability in Zoom clients allows an unauthenticated attacker to crash the application by sending specially crafted data over the network, causing a denial of service.

Technical detail

Buffer overflow in Zoom client network handling (CWE-120) enables unauthenticated DoS via malformed network packets; no authentication required, but attacker must have network access to the affected client, resulting in application crash or instability.

Summary generated and translated by AI from the official description.

Buffer overflow in some Zoom clients may allow an unauthenticated user to conduct a denial of service via network access.

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

Affected products

Zoom Video Communications, Inc. · Zoom Clients

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://explore.zoom.us/en/trust/security/security-bulletin/