PT-2024-2724 · Zoom · Zoom Vdi Client For Windows+2

Shmoul · Published 2024-02-13 · Updated 2024-10-04 · CVE-2024-24695

CVSS v3.1: 6.8 (Medium)

Vector: AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions

Zoom Desktop Client for Windows (affected versions not specified)
Zoom VDI Client for Windows (affected versions not specified)
Zoom Meeting SDK for Windows (affected versions not specified)

Description

The issue is related to improper input validation, which may allow an authenticated user to disclose information via network access. This can be exploited by a remote attacker to reveal protected information.

Recommendations

For Zoom Desktop Client for Windows, consider restricting network access until a fix is available.
For Zoom VDI Client for Windows, avoid using the software for sensitive information exchange until the issue is resolved.
For Zoom Meeting SDK for Windows, as a temporary workaround, consider disabling any functionality that relies on user input validation until a patch is available.

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

Weakness Enumeration

Related Identifiers

BDU:2024-02843
CVE-2024-24695

Affected Products

Zoom Desktop Client For Windows
Zoom Meeting Sdk For Windows
Zoom Vdi Client For Windows