{"api_version":"1","generated_at":"2026-04-17T12:05:09+00:00","cve":"CVE-2024-27243","urls":{"html":"https://cve.report/CVE-2024-27243","api":"https://cve.report/api/cve/CVE-2024-27243.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2024-27243","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2024-27243"},"summary":{"title":"Zoom Apps - Buffer Overflow","description":"Buffer overflow in some Zoom Workplace Apps and SDK’s may allow an authenticated user to conduct a denial of service via network access.","state":"PUBLISHED","assigner":"Zoom","published_at":"2024-05-15 21:15:07","updated_at":"2026-04-06 13:50:19"},"problem_types":["CWE-122","CWE-122 CWE-122 Heap-based Buffer Overflow"],"metrics":[{"version":"3.1","source":"security@zoom.us","type":"Secondary","score":"6.5","severity":"MEDIUM","vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"}},{"version":"3.1","source":"CNA","type":"CVSS","score":"6.5","severity":"MEDIUM","vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","data":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":6.5,"baseSeverity":"MEDIUM","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","version":"3.1"}}],"references":[{"url":"https://www.zoom.com/en/trust/security-bulletin/zsb-24014/","name":"https://www.zoom.com/en/trust/security-bulletin/zsb-24014/","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2024-27243","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-27243","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"Zoom Video Communications, Inc.","product":"see references","version":"affected see references","platforms":["Windows","MacOS","Linux","iOS","Android"]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2024","cve_id":"27243","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"zoom","cpe5":"meeting_software_development_kit","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"android","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"27243","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"zoom","cpe5":"meeting_software_development_kit","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"iphone_os","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"27243","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"zoom","cpe5":"meeting_software_development_kit","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"linux","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"27243","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"zoom","cpe5":"meeting_software_development_kit","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"macos","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"27243","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"zoom","cpe5":"meeting_software_development_kit","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"windows","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"27243","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"zoom","cpe5":"workplace","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"android","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"27243","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"zoom","cpe5":"workplace","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"iphone_os","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"27243","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"zoom","cpe5":"workplace_desktop","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"linux","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"27243","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"zoom","cpe5":"workplace_desktop","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"macos","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"27243","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"zoom","cpe5":"workplace_desktop","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"windows","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"27243","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"zoom","cpe5":"workplace_virtual_desktop_infrastructure","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"windows","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"metrics":[{"other":{"content":{"id":"CVE-2024-27243","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","timestamp":"2024-05-16T17:56:39.641952Z","version":"2.0.3"},"type":"ssvc"}}],"providerMetadata":{"dateUpdated":"2024-06-04T17:46:30.360Z","orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP"},"title":"CISA ADP Vulnrichment"},{"providerMetadata":{"dateUpdated":"2024-08-02T00:28:00.293Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"tags":["x_transferred"],"url":"https://www.zoom.com/en/trust/security-bulletin/zsb-24014/"}],"title":"CVE Program Container"}],"cna":{"affected":[{"defaultStatus":"unaffected","platforms":["Windows","MacOS","Linux","iOS","Android"],"product":"see references","vendor":"Zoom Video Communications, Inc.","versions":[{"status":"affected","version":"see references"}]}],"datePublic":"2024-05-14T12:00:00.000Z","descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"<span style=\"background-color: rgb(247, 247, 248);\">Buffer overflow in some Zoom Workplace Apps and SDK’s may allow an authenticated user to conduct a denial of service via network access.</span><br>"}],"value":"Buffer overflow in some Zoom Workplace Apps and SDK’s may allow an authenticated user to conduct a denial of service via network access."}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":6.5,"baseSeverity":"MEDIUM","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","version":"3.1"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-122","description":"CWE-122 Heap-based Buffer Overflow","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2024-09-20T14:34:14.212Z","orgId":"99b9af0d-a833-4a5d-9e2f-8b1324f35351","shortName":"Zoom"},"references":[{"url":"https://www.zoom.com/en/trust/security-bulletin/zsb-24014/"}],"source":{"discovery":"UNKNOWN"},"title":"Zoom Apps - Buffer Overflow","x_generator":{"engine":"Vulnogram 0.2.0"}}},"cveMetadata":{"assignerOrgId":"99b9af0d-a833-4a5d-9e2f-8b1324f35351","assignerShortName":"Zoom","cveId":"CVE-2024-27243","datePublished":"2024-05-15T20:37:45.264Z","dateReserved":"2024-02-21T21:15:32.633Z","dateUpdated":"2024-09-20T14:34:14.212Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2024-05-15 21:15:07","lastModifiedDate":"2026-04-06 13:50:19","problem_types":["CWE-122","CWE-122 CWE-122 Heap-based Buffer Overflow"],"metrics":{"cvssMetricV31":[{"source":"security@zoom.us","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:zoom:meeting_software_development_kit:*:*:*:*:*:android:*:*","versionEndExcluding":"5.17.5","matchCriteriaId":"3154195D-9813-4273-B64A-0B587B1F733B"},{"vulnerable":true,"criteria":"cpe:2.3:a:zoom:meeting_software_development_kit:*:*:*:*:*:iphone_os:*:*","versionEndExcluding":"5.17.5","matchCriteriaId":"702E8D74-0044-4516-90F4-000AC3BC5A67"},{"vulnerable":true,"criteria":"cpe:2.3:a:zoom:meeting_software_development_kit:*:*:*:*:*:linux:*:*","versionEndExcluding":"5.17.5","matchCriteriaId":"51DE8F54-E0E7-49C6-AD5B-D9E9B4080B63"},{"vulnerable":true,"criteria":"cpe:2.3:a:zoom:meeting_software_development_kit:*:*:*:*:*:macos:*:*","versionEndExcluding":"5.17.5","matchCriteriaId":"50727157-CFAE-4E98-A653-0AF4334F77D1"},{"vulnerable":true,"criteria":"cpe:2.3:a:zoom:meeting_software_development_kit:*:*:*:*:*:windows:*:*","versionEndExcluding":"5.17.5","matchCriteriaId":"12E5BC5A-47D8-44D6-9A05-EF9786D5754B"},{"vulnerable":true,"criteria":"cpe:2.3:a:zoom:workplace:*:*:*:*:*:android:*:*","versionEndExcluding":"5.17.5","matchCriteriaId":"7F735CF1-61E6-461D-86F3-0E076160B4B9"},{"vulnerable":true,"criteria":"cpe:2.3:a:zoom:workplace:*:*:*:*:*:iphone_os:*:*","versionEndExcluding":"5.17.5","matchCriteriaId":"C9E0BD65-CAAE-4589-811C-4ACE63F3CC6A"},{"vulnerable":true,"criteria":"cpe:2.3:a:zoom:workplace_desktop:*:*:*:*:*:linux:*:*","versionEndExcluding":"5.17.5","matchCriteriaId":"958B7AE9-3CDD-47AB-9CDB-469FD0AE3AB1"},{"vulnerable":true,"criteria":"cpe:2.3:a:zoom:workplace_desktop:*:*:*:*:*:macos:*:*","versionEndExcluding":"5.17.5","matchCriteriaId":"193F2AFB-4C6A-457D-BA62-549742853649"},{"vulnerable":true,"criteria":"cpe:2.3:a:zoom:workplace_desktop:*:*:*:*:*:windows:*:*","versionEndExcluding":"5.17.5","matchCriteriaId":"2B03AF4F-6B99-4B0A-92E0-A72A063131D6"},{"vulnerable":true,"criteria":"cpe:2.3:a:zoom:workplace_virtual_desktop_infrastructure:*:*:*:*:*:windows:*:*","versionEndExcluding":"5.15.17","matchCriteriaId":"E99B4057-A36A-45CA-A44F-936032C13531"},{"vulnerable":true,"criteria":"cpe:2.3:a:zoom:workplace_virtual_desktop_infrastructure:*:*:*:*:*:windows:*:*","versionStartIncluding":"5.16.0","versionEndExcluding":"5.16.15","matchCriteriaId":"BD895266-BA2E-4A3D-81D5-6F10931F27C4"},{"vulnerable":true,"criteria":"cpe:2.3:a:zoom:workplace_virtual_desktop_infrastructure:*:*:*:*:*:windows:*:*","versionStartIncluding":"5.16.16","versionEndExcluding":"5.17.5","matchCriteriaId":"A2E39573-B3E8-4CC1-8DD3-A3F694E93231"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2024","CveId":"27243","Ordinal":"1","Title":"Zoom Apps - Buffer Overflow","CVE":"CVE-2024-27243","Year":"2024"},"notes":[{"CveYear":"2024","CveId":"27243","Ordinal":"1","NoteData":"Buffer overflow in some Zoom Workplace Apps and SDK’s may allow an authenticated user to conduct a denial of service via network access.","Type":"Description","Title":"Zoom Apps - Buffer Overflow"}]}}}