CVE-2023-39215
CVE-2023-39215
In short
A user who is already logged into Zoom can crash or disable the application for other users through specially crafted network messages. This affects the reliability of Zoom meetings and communications.
Technical detail
An authenticated attacker can exploit improper authentication validation in Zoom clients to send malicious network packets that trigger a denial of service condition. The vulnerability requires prior authentication and network access to the target client, resulting in application unavailability or crash.
Summary generated and translated by AI from the official description.
Improper authentication in Zoom clients may allow an authenticated user to conduct a denial of service via network access.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
Affected products
Zoom Video Communications, Inc. · Zoom ClientsWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →