Zoom Mobile App for iOS and SDKs for iOS - Improper Access Control

Bulletin: ZSB-23058
CVEID: CVE-2023-43585
CVSS Severity: High
CVSS Score: 7.1
CVSS Vector String: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L

Description:

Improper access control in Zoom Mobile App for iOS and Zoom SDKs for iOS before version 5.16.5 may allow an authenticated user to conduct a disclosure of information via network access.

Users can help keep themselves secure by applying current updates or downloading the latest Zoom software with all current security updates from https://zoom.us/download.

Affected Products:

Zoom Mobile App for iOS before version 5.16.5
Zoom Video SDK for iOS before version 5.16.5
Zoom Meeting SDK for iOS before version 5.16.5
Zoom Meeting SDK for Android before version 5.16.0

Source:

Reported by Zoom Offensive Security Team.

Revision	Date	Description
1.0	12/12/2023	Initial Publication

Zoom Mobile App for iOS and SDKs for iOS - Improper Access Control

Subscribe for updates