Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2023-43585: ZSB 23058

Improper access control in Zoom Mobile App for iOS and Zoom SDKs for iOS before version 5.16.5 may allow an authenticated user to conduct a disclosure of information via network access.

CVE
#ios#android#auth

Zoom Mobile App for iOS and SDKs for iOS - Improper Access Control

  • Bulletin: ZSB-23058
  • CVEID: CVE-2023-43585
  • CVSS Severity: High
  • CVSS Score: 7.1
  • CVSS Vector String: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L

Description:

Improper access control in Zoom Mobile App for iOS and Zoom SDKs for iOS before version 5.16.5 may allow an authenticated user to conduct a disclosure of information via network access.

Users can help keep themselves secure by applying current updates or downloading the latest Zoom software with all current security updates from https://zoom.us/download.

Affected Products:

  • Zoom Mobile App for iOS before version 5.16.5
  • Zoom Video SDK for iOS before version 5.16.5
  • Zoom Meeting SDK for iOS before version 5.16.5
  • Zoom Meeting SDK for Android before version 5.16.0

Source:

Reported by Zoom Offensive Security Team.

Subscribe for updates

Please provide your individual email address to receive notification of future Zoom Security Bulletins. (Note: Email aliases will not receive these notifications.)

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907