CVE-2023-43586
HIGH severity · CVSS 7.3 · Untrusted search path
7.3CVSS HIGH
Summary
Path traversal in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom SDKs for Windows may allow an authenticated user to conduct an escalation of privilege via network access.
Impact & exploitability
Attack vectorNetwork
Attack complexityHigh
Privileges requiredHigh
User interactionRequired
Confidentiality impactHigh
Integrity impactHigh
Availability impactNone
Exploit probability (EPSS)1%
CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:N
Affected products we track (1)
Recommendation
Apply the vendor fix promptly. Open any affected product above for its exact safe version.