PT-2023-3756 · Zoom · Zoom

Publicado

2023-06-13

·

Atualizado

2023-06-21

·

CVE-2023-28602

CVSS v3.1

7.7

Alta

VetorAV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N
Name of the Vulnerable Software and Affected Versions Zoom versions prior to 5.13.5
Description The issue is related to an improper verification of cryptographic signature, which may allow a malicious user to downgrade Zoom Client components to previous versions.
Recommendations For versions prior to 5.13.5, update to version 5.13.5 or later to resolve the issue.

Correção

Improper Verification of Cryptographic Signature

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-347

Identificadores relacionados

BDU:2023-04045
CVE-2023-28602

Produtos afetados

Zoom