Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers - Sensitive Information Exposure

Bulletin: ZSB-24029
CVEID: CVE-2024-39822
CVSS Severity: Medium
CVSS Score: 6.5
CVSS Vector String: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Description:

Sensitive information exposure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct an information disclosure via network access.

Users can help keep themselves secure by applying the latest updates available at https://zoom.us/download.

Affected Products:

Zoom Workplace Desktop App for Linux before version 6.0.12
Zoom Workplace App for iOS before version 6.0.12
Zoom Workplace App for Android before version 6.0.12
Zoom Meeting SDK for iOS before version 6.0.12
Zoom Meeting SDK for Android before version 6.0.12
Zoom Rooms Client for Windows before version 6.1.0
Zoom Rooms Client for macOS before version 6.1.0
Zoom Rooms Client for iPad before version 6.1.0
Zoom Rooms Controller for Windows before version 6.1.0
Zoom Rooms Controller for macOS before version 6.1.0
Zoom Rooms Controller for Linux before version 6.1.0
Zoom Rooms Controller for Android before version 6.1.0

Source:

Reported by Zoom Offensive Security.

Revision	Date	Description
1.0	08/13/2024	Initial publication.

Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers - Sensitive Information Exposure

Subscribe for updates