Vulnerabilities > Zoom > Virtual Desktop Infrastructure > 5.14.13

DATE CVE VULNERABILITY TITLE RISK
2024-01-12 CVE-2023-49647 Unspecified vulnerability in Zoom products
Improper access control in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom SDKs for Windows before version 5.16.10 may allow an authenticated user to conduct an escalation of privilege via local access.
local
low complexity
zoom
7.8
7.8
2023-12-13 CVE-2023-43586 Path Traversal vulnerability in Zoom products
Path traversal in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom SDKs for Windows may allow an authenticated user to conduct an escalation of privilege via network access.
network
low complexity
zoom CWE-22
8.8
8.8
2023-12-13 CVE-2023-49646 Improper Authentication vulnerability in Zoom products
Improper authentication in some Zoom clients before version 5.16.5 may allow an authenticated user to conduct a denial of service via network access.
network
low complexity
zoom CWE-287
6.5
6.5
2023-08-08 CVE-2023-39213 Injection vulnerability in Zoom Virtual Desktop Infrastructure and Zoom
Improper neutralization of special elements in Zoom Desktop Client for Windows and Zoom VDI Client before 5.15.2 may allow an unauthenticated user to enable an escalation of privilege via network access.
network
low complexity
zoom CWE-74
critical
 9.8
9.8