Zoom Rooms 5.11.3 for MacOS

CPE Details

Zoom Rooms 5.11.3 for MacOS
zoom
rooms
5.11.3
2023-01-12
15h27 +00:00
2023-07-06
13h33 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:zoom:rooms:5.11.3:*:*:*:*:macos:*:*

Informations

Vendor

zoom

Product

rooms

Version

5.11.3

Target Software

macos

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2024-45418 2025-02-25 19h52 +00:00 Symlink following in the installer for some Zoom apps for macOS before version 6.1.5 may allow an authenticated user to conduct an escalation of privilege via network access.
8.8
Haute
CVE-2024-45417 2025-02-25 19h49 +00:00 Uncontrolled resource consumption in the installer for some Zoom apps for macOS before version 6.1.5 may allow a privileged user to conduct a disclosure of information via local access.
6
Moyen
CVE-2024-42441 2024-08-14 16h46 +00:00 Improper privilege management in the installer for Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS and Zoom Rooms Client for macOS before 6.1.5 may allow a privileged user to conduct an escalation of privilege via local access.
6.7
Moyen
CVE-2024-42440 2024-08-14 16h44 +00:00 Improper privilege management in the installer for Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS and Zoom Rooms Client for macOS before 6.1.5 may allow a privileged user to conduct an escalation of privilege via local access.
6.7
Moyen
CVE-2024-42438 2024-08-14 16h41 +00:00 Buffer overflow in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct a denial of service via network access.
6.5
Moyen
CVE-2024-42437 2024-08-14 16h41 +00:00 Buffer overflow in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct a denial of service via network access.
6.5
Moyen
CVE-2024-42436 2024-08-14 16h41 +00:00 Buffer overflow in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct a denial of service via network access.
6.5
Moyen
CVE-2024-42435 2024-08-14 16h39 +00:00 Sensitive information disclosure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access.
4.9
Moyen
CVE-2024-42434 2024-08-14 16h39 +00:00 Sensitive information disclosure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access.
4.9
Moyen
CVE-2024-39824 2024-08-14 16h39 +00:00 Sensitive information disclosure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access.
4.9
Moyen
CVE-2024-39823 2024-08-14 16h39 +00:00 Sensitive information disclosure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access.
4.9
Moyen
CVE-2024-39822 2024-08-14 16h38 +00:00 Sensitive information exposure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct an information disclosure via network access.
6.5
Moyen
CVE-2024-39818 2024-08-14 16h36 +00:00 Protection mechanism failure for some Zoom Workplace Apps and SDKs may allow an authenticated user to conduct information disclosure via network access.
7.5
Haute
CVE-2024-39825 2024-08-14 16h34 +00:00 Buffer overflow in some Zoom Workplace Apps and Rooms Clients may allow an authenticated user to conduct an escalation of privilege via network access.
8.5
Haute
CVE-2024-24690 2024-02-14 00h00 +00:00 Improper input validation in some Zoom clients may allow an authenticated user to conduct a denial of service via network access.
6.5
Moyen
CVE-2024-24699 2024-02-13 23h58 +00:00 Business logic error in some Zoom clients may allow an authenticated user to conduct information disclosure via network access.
6.5
Moyen
CVE-2024-24697 2024-02-13 23h53 +00:00 Untrusted search path in some Zoom 32 bit Windows clients may allow an authenticated user to conduct an escalation of privilege via local access.
7.8
Haute
CVE-2023-43591 2023-11-14 23h16 +00:00 Improper privilege management in Zoom Rooms for macOS before version 5.16.0 may allow an authenticated user to conduct an escalation of privilege via local access.
7.8
Haute
CVE-2023-43590 2023-11-14 23h15 +00:00 Link following in Zoom Rooms for macOS before version 5.16.0 may allow an authenticated user to conduct an escalation of privilege via local access.
7.8
Haute
CVE-2023-43582 2023-11-14 23h12 +00:00 Improper authorization in some Zoom clients may allow an authorized user to conduct an escalation of privilege via network access.
8.8
Haute
CVE-2023-39199 2023-11-14 23h06 +00:00 Cryptographic issues with In-Meeting Chat for some Zoom clients may allow a privileged user to conduct an information disclosure via network access.
6.5
Moyen
CVE-2023-39206 2023-11-14 23h02 +00:00 Buffer overflow in some Zoom clients may allow an unauthenticated user to conduct a denial of service via network access.
7.5
Haute
CVE-2023-39204 2023-11-14 22h28 +00:00 Buffer overflow in some Zoom clients may allow an unauthenticated user to conduct a denial of service via network access.
7.5
Haute
CVE-2023-39214 2023-08-08 21h38 +00:00 Exposure of sensitive information in Zoom Client SDK's before 5.15.5 may allow an authenticated user to enable a denial of service via network access.
8.1
Haute
CVE-2023-39218 2023-08-08 17h54 +00:00 Client-side enforcement of server-side security in Zoom clients before 5.14.10 may allow a privileged user to enable information disclosure via network access.
6.1
Moyen
CVE-2023-36535 2023-08-08 17h39 +00:00 Client-side enforcement of server-side security in Zoom clients before 5.14.10 may allow an authenticated user to enable information disclosure via network access.
7.1
Haute
CVE-2023-36532 2023-08-08 17h30 +00:00 Buffer overflow in Zoom Clients before 5.14.5 may allow an unauthenticated user to enable a denial of service via network access.
7.5
Haute
CVE-2023-28597 2023-03-27 00h00 +00:00 Zoom clients prior to 5.13.5 contain an improper trust boundary implementation vulnerability. If a victim saves a local recording to an SMB location and later opens it using a link from Zoom’s web portal, an attacker positioned on an adjacent network to the victim client could set up a malicious SMB server to respond to client requests, causing the client to execute attacker controlled executables. This could result in an attacker gaining access to a user's device and data, and remote code execution.
8.3
Haute
CVE-2022-36925 2023-01-08 23h00 +00:00 Zoom Rooms for macOS clients before version 5.11.4 contain an insecure key generation mechanism. The encryption key used for IPC between the Zoom Rooms daemon service and the Zoom Rooms client was generated using parameters that could be obtained by a local low-privileged application. That key can then be used to interact with the daemon service to execute privileged functions and cause a local denial of service.
7.8
Haute
CVE-2022-28764 2022-11-14 20h17 +00:00 The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.12.6 is susceptible to a local information exposure vulnerability. A failure to clear data from a local SQL database after a meeting ends and the usage of an insufficiently secure per-device key encrypting that database results in a local malicious user being able to obtain meeting information such as in-meeting chat for the previous meeting attended from that local user account.
3.3
Bas