CVE-2023-22882
Published on: Not Yet Published
Last Modified on: 03/28/2023 02:12:00 PM UTC
Certain versions of Zoom from Zoom contain the following vulnerability:
Zoom clients before version 5.13.5 contain a STUN parsing vulnerability. A malicious actor could send specially crafted UDP traffic to a victim Zoom client to remotely cause the client to crash, causing a denial of service.
- CVE-2023-22882 has been assigned by
s[email protected] to track the vulnerability - currently rated as HIGH severity.
- Affected Vendor/Software:
Zoom Video Communications Inc - Zoom (for Android, iOS, Linux, macOS, and Windows) clients before version 5.13.5 version < 5.13.5
CVSS3 Score: 7.5 - HIGH
Attack Vector ⓘ |
Attack Complexity |
Privileges Required |
User Interaction |
---|---|---|---|
NETWORK | LOW | NONE | NONE |
Scope | Confidentiality Impact |
Integrity Impact |
Availability Impact |
UNCHANGED | NONE | NONE | HIGH |
CVE References
Description | Tags ⓘ | Link |
---|---|---|
Security Bulletins | Zoom | explore.zoom.us text/html |
![]() |
Related QID Numbers
- 378103 Zoom Client for Meetings Multiple Security Vulnerabilities (ZSB-23002)
Known Affected Configurations (CPE V2.3)
Type | Vendor | Product | Version | Update | Edition | Language |
---|---|---|---|---|---|---|
Application | Zoom | Zoom | All | All | All | All |
- cpe:2.3:a:zoom:zoom:*:*:*:*:*:*:*:*:
No vendor comments have been submitted for this CVE
Social Mentions
Source | Title | Posted (UTC) |
---|---|---|
![]() |
Zoomに、Mediumの脆弱性情報 ZSB-23002 が公開されました。 「CVE-2023-22881<br>CVE-2023-22882 : Denial of Service in Zoom Clients」 explore.zoom.us/en/trust/secur… | 2023-03-14 21:53:37 |
![]() |
CVE-2023-22882 : Zoom clients before version 5.13.5 contain a STUN parsing vulnerability. A malicious actor could s… twitter.com/i/web/status/1… | 2023-03-16 21:10:22 |
![]() |
CVE-2023-22882 | 2023-03-16 21:38:53 |