General : Zoom Client < 5.13.5 Multiple Vulnerabilities (ZSB-23002, ZSB-23005)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.126395

Categoría: General

Título: Zoom Client < 5.13.5 Multiple Vulnerabilities (ZSB-23002, ZSB-23005) - Windows

Resumen: The Zoom Client is prone to multiple vulnerabilities.

Descripción: Summary:
The Zoom Client is prone to multiple vulnerabilities.

Vulnerability Insight:
The following vulnerabilities exist:

- CVE-2023-22881: A malicious actor could send specially crafted UDP traffic to a victim Zoom
client to remotely cause the client to crash, causing a denial of service.

- CVE-2023-22882: A malicious actor could send specially crafted UDP traffic to a victim Zoom
client to remotely cause the client to crash, causing a denial of service.

- CVE-2023-28597: If a victim saves a local recording to an SMB location and later opens it using
a link from Zooms web portal, an attacker positioned on an adjacent network to the victim client
could set up a malicious SMB server to respond to client requests, causing the client to execute
attacker controlled executables.

Affected Software/OS:
Zoom Client prior to version 5.13.5.

Solution:
Update to version 5.13.5 or later.

CVSS Score:
6.8

CVSS Vector:
AV:A/AC:H/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2023-22881
https://explore.zoom.us/en/trust/security/security-bulletin/
Common Vulnerability Exposure (CVE) ID: CVE-2023-22882
Common Vulnerability Exposure (CVE) ID: CVE-2023-28597

Copyright Copyright (C) 2023 Greenbone Networks GmbH

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.126395
Categoría:	General
Título:	Zoom Client < 5.13.5 Multiple Vulnerabilities (ZSB-23002, ZSB-23005) - Windows
Resumen:	The Zoom Client is prone to multiple vulnerabilities.
Descripción:	Summary: The Zoom Client is prone to multiple vulnerabilities. Vulnerability Insight: The following vulnerabilities exist: - CVE-2023-22881: A malicious actor could send specially crafted UDP traffic to a victim Zoom client to remotely cause the client to crash, causing a denial of service. - CVE-2023-22882: A malicious actor could send specially crafted UDP traffic to a victim Zoom client to remotely cause the client to crash, causing a denial of service. - CVE-2023-28597: If a victim saves a local recording to an SMB location and later opens it using a link from Zooms web portal, an attacker positioned on an adjacent network to the victim client could set up a malicious SMB server to respond to client requests, causing the client to execute attacker controlled executables. Affected Software/OS: Zoom Client prior to version 5.13.5. Solution: Update to version 5.13.5 or later. CVSS Score: 6.8 CVSS Vector: AV:A/AC:H/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2023-22881 https://explore.zoom.us/en/trust/security/security-bulletin/ Common Vulnerability Exposure (CVE) ID: CVE-2023-22882 Common Vulnerability Exposure (CVE) ID: CVE-2023-28597
Copyright	Copyright (C) 2023 Greenbone Networks GmbH