CVE-2023-28597
8.3HIGHZoom clients prior to 5.13.5 contain an improper trust boundary implementation vulnerability. If a victim saves a local recording to an SMB location and later opens it using a link from Zoom’s web por
Опубликовано: 3/27/2023Обновлено: 2/19/2025
Описание
Zoom clients prior to 5.13.5 contain an improper trust boundary implementation vulnerability. If a victim saves a local recording to an SMB location and later opens it using a link from Zoom’s web portal, an attacker positioned on an adjacent network to the victim client could set up a malicious SMB server to respond to client requests, causing the client to execute attacker controlled executables. This could result in an attacker gaining access to a user's device and data, and remote code execution.
ИИ-АнализНа базе ИИ
Затронутые продукты
zoomrooms
zoomrooms
zoomrooms
zoomrooms
zoomrooms
zoomzoom
zoomzoom
zoomzoom
zoomzoom
zoomzoom
zoomvirtual_desktop_infrastructure
microsoftwindows
-
Ссылки
- https://explore.zoom.us/en/trust/security/security-bulletin/Vendor Advisory
- https://explore.zoom.us/en/trust/security/security-bulletin/Vendor Advisory