CVE-2023-39212 HIGH

CVE-2023-39212

Vendor Zoom Video Communications, Inc.
Product Zoom Rooms for Windows
Weakness CWE-144
Published August 8, 2023
Last update October 4, 2024

CVSS base score

7.9/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction Required
Confidentiality None
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:H

What the vulnerability does

01Description

Untrusted search path in Zoom Rooms for Windows before version 5.15.5 may allow an authenticated user to enable a denial of service via local access.

Key dates

02Disclosure timeline

August 8, 2023 CVE published
October 4, 2024 Record updated