Zoom Workplace Apps and SDKs - Protection Mechanism Failure

Bulletin: ZSB-24025
CVEID: CVE-2024-39818
CVSS Severity: High
CVSS Score: 7.5
CVSS Vector String: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Description:

Protection mechanism failure in some Zoom Workplace Apps and SDKs may allow an authenticated user to conduct information disclosure via network access.

Users can help keep themselves secure by applying the latest updates available at https://zoom.us/download.

Affected Products:

Zoom Workplace App for iOS before version 6.0.10
Zoom Workplace Desktop App for Linux before version 6.0.10
Zoom Workplace Desktop App for Windows before version 6.0.10
Zoom Workplace Desktop App for macOS before version 6.0.10
Zoom Workplace VDI Client for Windows before version 5.17.13
Zoom Meeting SDK for Windows before version 6.0.10
Zoom Meeting SDK for iOS before version 6.0.10
Zoom Meeting SDK for Android before version 6.0.10
Zoom Meeting SDK for macOS before version 6.0.10
Zoom Meeting SDK for Linux before version 6.0.10

Source:

Reported by Zoom Offensive Security.

Revision	Date	Description
1.0	08/13/2024

Zoom Workplace Apps and SDKs - Protection Mechanism Failure

Subscribe for updates