#VU95828 Buffer overflow in Zoom Video Communications, Inc. products - CVE-2024-42438
Published: August 13, 2024
Vulnerability identifier: #VU95828
Vulnerability risk: Medium
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2024-42438
CWE-ID: CWE-119
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
Zoom Workplace Desktop App for Windows
Zoom Workplace Desktop App for macOS
Zoom Workplace Desktop App for Linux
Zoom Workplace App for iOS
Zoom Workplace App for Android
Virtual Desktop Infrastructure (VDI)
Zoom Workplace Desktop App for Windows
Zoom Workplace Desktop App for macOS
Zoom Workplace Desktop App for Linux
Zoom Workplace App for iOS
Zoom Workplace App for Android
Virtual Desktop Infrastructure (VDI)
Software vendor:
Zoom Video Communications, Inc.
Zoom Video Communications, Inc.
Description
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error. A remote attacker can crash the application.
Remediation
Install updates from vendor's website.