PT-2022-19217 · Zoom · Zoom Client For Meetings

Published: 2022-10-26 · Updated: 2022-11-01 · CVE-2022-28763

CVSS v3.1: 9.6 (Critical)

Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Zoom Client for Meetings versions prior to 5.12.2
Description: The issue allows a malicious Zoom meeting URL to direct the user to connect to an arbitrary network address, potentially leading to additional attacks, including session takeovers, when the URL is opened.
Recommendations: For versions prior to 5.12.2, update to version 5.12.2 or later to resolve the issue. As a temporary workaround, consider avoiding the use of potentially malicious Zoom meeting URLs until the update is applied. Restrict access to untrusted URLs to minimize the risk of exploitation.

Fix

Open Redirect

RCE

Weakness Enumeration

Related Identifiers

CVE-2022-28763

Affected Products

Zoom Client For Meetings
Zoom