Zoom Meetings 5.10.6 for macOS

CPE Details

Zoom Meetings 5.10.6 for macOS
zoom
meetings
5.10.6
2022-10-14
15h43 +00:00
2022-11-10
18h03 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:zoom:meetings:5.10.6:*:*:*:*:macos:*:*

Informations

Vendor

zoom

Product

meetings

Version

5.10.6

Target Software

macos

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2023-43582 2023-11-14 23h12 +00:00 Improper authorization in some Zoom clients may allow an authorized user to conduct an escalation of privilege via network access.
8.8
Haute
CVE-2023-39199 2023-11-14 23h06 +00:00 Cryptographic issues with In-Meeting Chat for some Zoom clients may allow a privileged user to conduct an information disclosure via network access.
6.5
Moyen
CVE-2023-39206 2023-11-14 23h02 +00:00 Buffer overflow in some Zoom clients may allow an unauthenticated user to conduct a denial of service via network access.
7.5
Haute
CVE-2023-39205 2023-11-14 22h32 +00:00 Improper conditions check in Zoom Team Chat for Zoom clients may allow an authenticated user to conduct a denial of service via network access.
6.5
Moyen
CVE-2023-39204 2023-11-14 22h28 +00:00 Buffer overflow in some Zoom clients may allow an unauthenticated user to conduct a denial of service via network access.
7.5
Haute
CVE-2022-28768 2022-11-17 22h36 +00:00 The Zoom Client for Meetings Installer for macOS (Standard and for IT Admin) before version 5.12.6 contains a local privilege escalation vulnerability. A local low-privileged user could exploit this vulnerability during the install process to escalate their privileges to root.
8.8
Haute
CVE-2022-28764 2022-11-14 20h17 +00:00 The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.12.6 is susceptible to a local information exposure vulnerability. A failure to clear data from a local SQL database after a meeting ends and the usage of an insufficiently secure per-device key encrypting that database results in a local malicious user being able to obtain meeting information such as in-meeting chat for the previous meeting attended from that local user account.
3.3
Bas
CVE-2022-28763 2022-10-31 19h49 +00:00 The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.12.2 is susceptible to a URL parsing vulnerability. If a malicious Zoom meeting URL is opened, the malicious link may direct the user to connect to an arbitrary network address, leading to additional attacks including session takeovers.
9.6
Critique
CVE-2022-28762 2022-10-14 14h51 +00:00 Zoom Client for Meetings for macOS (Standard and for IT Admin) starting with 5.10.6 and prior to 5.12.0 contains a debugging port misconfiguration. When camera mode rendering context is enabled as part of the Zoom App Layers API by running certain Zoom Apps, a local debugging port is opened by the Zoom client. A local malicious user could use this debugging port to connect to and control the Zoom Apps running in the Zoom client.
7.8
Haute
CVE-2022-28757 2022-08-18 19h31 +00:00 The Zoom Client for Meetings for macOS (Standard and for IT Admin) starting with version 5.7.3 and before 5.11.6 contains a vulnerability in the auto update process. A local low-privileged user could exploit this vulnerability to escalate their privileges to root.
8.8
Haute
CVE-2022-28751 2022-08-17 21h06 +00:00 The Zoom Client for Meetings for MacOS (Standard and for IT Admin) before version 5.11.3 contains a vulnerability in the package signature validation during the update process. A local low-privileged user could exploit this vulnerability to escalate their privileges to root.
8.8
Haute
CVE-2022-28756 2022-08-15 22h11 +00:00 The Zoom Client for Meetings for macOS (Standard and for IT Admin) starting with version 5.7.3 and before 5.11.5 contains a vulnerability in the auto update process. A local low-privileged user could exploit this vulnerability to escalate their privileges to root.
8.8
Haute