QID 378088

QID 378088: Zoom VDI Information Disclosure Vulnerability (ZSB-23001)

Zoom provides video communications with a cloud platform for video and audio conferencing, chat, and webinars across mobile, desktop, and room systems.

Zoom VDI for Windows clients before 5.13.1 contain an information disclosure vulnerability.

Affected Versions:
Zoom VDI for Windows clients before 5.13.1

QID Detection Logic:
This authenticated QID detects vulnerable Zoom VDI Windows Meeting Clients prior to version 5.13.1 on Windows

Successful exploitation of this vulnerability may allows a remote attacker to gain access to potentially sensitive information.

  • CVSS V3 rated as High - 6.8 severity.
  • CVSS V2 rated as Medium - 4 severity.
  • Solution
    Customers are advised to upgrade to Zoom VDI for Windows clients 5.13.1 or later to remediate these vulnerabilities.

    CVEs related to QID 378088

    Software Advisories
    Advisory ID Software Component Link
    ZSB-23001 URL Logo explore.zoom.us/en/trust/security/security-bulletin/