CVE-2024-45422

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Nov 19, 2024
CWE ID 20

Summary

CVE-2024-45422 is a newly disclosed vulnerability affecting some Zoom Apps prior to version 6.2.0. This issue involves improper input validation, enabling an unauthenticated attacker to execute a denial-of-service (DoS) attack through network access. By exploiting this weakness, an adversary can cause targeted Zoom applications to become unresponsive or crash, resulting in service disruptions for legitimate users. The vulnerability poses a significant risk, as DoS attacks can lead to downtime and negatively impact productivity. It is recommended that users upgrade to the latest version of Zoom Apps to mitigate this threat.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Video SDK

Affected Vendors

  • Zoom Video Communications, Inc