Vulnerabilities > Zoom > Meetings
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-04-03 | CVE-2020-11500 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Zoom Meetings 4.6.8 Zoom Client for Meetings through 4.6.9 uses the ECB mode of AES for video and audio encryption. | 5.0 |
2020-04-01 | CVE-2020-11470 | Missing Authorization vulnerability in Zoom Meetings 4.6.8 Zoom Client for Meetings through 4.6.8 on macOS has the disable-library-validation entitlement, which allows a local process (with the user's privileges) to obtain unprompted microphone and camera access by loading a crafted library and thereby inheriting Zoom Client's microphone and camera access. | 2.1 |
2020-04-01 | CVE-2020-11469 | Files or Directories Accessible to External Parties vulnerability in Zoom Meetings 4.6.8 Zoom Client for Meetings through 4.6.8 on macOS copies runwithroot to a user-writable temporary directory during installation, which allows a local process (with the user's privileges) to obtain root access by replacing runwithroot. | 7.2 |