PT-2021-5222 · Zoom · Zoom Rooms For Conference Room+21
Natalie Silvanovich
·
Published
2021-08-13
·
Updated
2025-07-05
·
CVE-2021-34423
CVSS v3.1
10
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Zoom Client for Meetings versions 5.8.3 and earlier
Zoom Client for Meetings for Blackberry versions 5.8.0 and earlier
Zoom Client for Meetings for intune versions 5.8.3 and earlier
Zoom Client for Meetings for Chrome OS versions 5.0.0 and earlier
Zoom Rooms for Conference Room versions 5.8.2 and earlier
Controllers for Zoom Rooms versions 5.8.2 and earlier
Zoom VDI versions 5.8.3 and earlier
Zoom VDI Azure Virtual Desktop Plugins versions 5.8.4.21111 and earlier
Zoom VDI Citrix Plugins versions 5.8.4.21111 and earlier
Zoom VDI VMware Plugins versions 5.8.4.21111 and earlier
Zoom Meeting SDK for Android versions 5.7.6.1921 and earlier
Zoom Meeting SDK for iOS versions 5.7.6.1081 and earlier
Zoom Meeting SDK for macOS versions 5.7.6.1339 and earlier
Zoom Meeting SDK for Windows versions 5.7.6.1080 and earlier
Zoom Video SDK versions 1.1.1 and earlier
Zoom On-Premise Meeting Connector Controller versions 4.8.12.20211114 and earlier
Zoom On-Premise Meeting Connector MMR versions 4.8.12.20211114 and earlier
Zoom On-Premise Recording Connector versions 5.1.0.64.20211115 and earlier
Zoom On-Premise Virtual Room Connector versions 4.4.7265.20211116 and earlier
Zoom On-Premise Virtual Room Connector Load Balancer versions 2.5.5691.20211116 and earlier
Zoom Hybrid Zproxy versions 1.0.1057.20211115 and earlier
Zoom Hybrid MMR versions 4.6.20211115.131 x86-63 and earlier
Description
A buffer overflow vulnerability was discovered in Zoom software, potentially allowing a malicious actor to crash the service or application, or leverage this vulnerability to execute arbitrary code. The issue is related to a buffer overflow in memory, which can be exploited by a remote attacker. This vulnerability can lead to the execution of arbitrary code, potentially allowing an attacker to gain control over the affected system.
Recommendations
Update Zoom Client for Meetings to version 5.8.4 or later.
Update Zoom Client for Meetings for Blackberry to version 5.8.1 or later.
Update Zoom Client for Meetings for intune to version 5.8.4 or later.
Update Zoom Client for Meetings for Chrome OS to version 5.0.1 or later.
Update Zoom Rooms for Conference Room to version 5.8.3 or later.
Update Controllers for Zoom Rooms to version 5.8.3 or later.
Update Zoom VDI to version 5.8.4 or later.
Update Zoom VDI Azure Virtual Desktop Plugins to version 5.8.4.21112 or later.
Update Zoom VDI Citrix Plugins to version 5.8.4.21112 or later.
Update Zoom VDI VMware Plugins to version 5.8.4.21112 or later.
Update Zoom Meeting SDK for Android to version 5.7.6.1922 or later.
Update Zoom Meeting SDK for iOS to version 5.7.6.1082 or later.
Update Zoom Meeting SDK for macOS to version 5.7.6.1340 or later.
Update Zoom Meeting SDK for Windows to version 5.7.6.1081 or later.
Update Zoom Video SDK to version 1.1.2 or later.
Update Zoom On-Premise Meeting Connector Controller to version 4.8.12.20211115 or later.
Update Zoom On-Premise Meeting Connector MMR to version 4.8.12.20211115 or later.
Update Zoom On-Premise Recording Connector to version 5.1.0.65.20211116 or later.
Update Zoom On-Premise Virtual Room Connector to version 4.4.7266.20211117 or later.
Update Zoom On-Premise Virtual Room Connector Load Balancer to version 2.5.5692.20211117 or later.
Update Zoom Hybrid Zproxy to version 1.0.1058.20211116 or later.
Update Zoom Hybrid MMR to version 4.6.20211116.131 x86-64 or later.
Exploit
Fix
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Zoom Rooms Controllers
Zoom Client For Meetings
Zoom Client For Meetings For Blackberry
Zoom Client For Meetings For Chrome Os
Zoom Client For Meetings For Intune
Zoom Hybrid Mmr
Zoom Hybrid Zproxy
Zoom Meeting Sdk For Android
Zoom Meeting Sdk For Windows
Zoom Meeting Sdk For Ios
Zoom On-Premise Meeting Connector Controller
Zoom On-Premise Meeting Connector Mmr
Zoom On-Premise Recording Connector
Zoom On-Premise Virtual Room Connector
Zoom On-Premise Virtual Room Connector Load Balancer
Zoom Rooms For Conference Room
Zoom Vdi
Zoom Vdi Azure Virtual Desktop Plugins
Zoom Vdi Citrix Plugins
Zoom Vdi Vmware Plugins
Zoom Video Sdk
Zoom