CVE-2023-39216

Summary

Improper input validation in Zoom Desktop Client for Windows before 5.14.7 may allow an unauthenticated user to enable an escalation of privilege via network access.

Affected Software

VendorProductVersion RangeStatus
Zoom Video Communications, Inc.Zoom Desktop Client for Windowsbefore 5.14.7affected

Weaknesses

  • CWE-80: CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References