CVE-2023-39217
CVE-2023-39217
In short
Zoom SDK versions before 5.14.10 don't properly validate user input, allowing someone on the network to crash or disable the application without needing to log in.
Technical detail
CWE-80 improper input validation vulnerability in Zoom SDK < 5.14.10 allows unauthenticated network-based denial of service through malformed input that bypasses validation checks. Requires network access but no authentication credentials.
Summary generated and translated by AI from the official description.
Improper input validation in Zoom SDK’s before 5.14.10 may allow an unauthenticated user to enable a denial of service via network access.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Affected products
Zoom Video Communications, Inc. · Zoom SDK'sWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →