CVE-2023-39213

Summary

Improper neutralization of special elements in Zoom Desktop Client for Windows and Zoom VDI Client before 5.15.2 may allow an unauthenticated user to enable an escalation of privilege via network access.

Affected Software

VendorProductVersion RangeStatus
Zoom Video Communications, Inc.Zoom Desktop Client for Windows and Zoom VDI Clientbefore 5.15.2affected

Weaknesses

  • CWE-176: CWE-176: Improper Handling of Unicode Encoding

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References