CVE-2024-27246

Description

Use after free in some Zoom Workplace Apps and SDKs may allow an authenticated user to conduct a denial of service via network access.

Risk Information

Base Score: 6.5 (MODERATE)
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS Score (Exploitation Probability): 0.045

Associated Vulnerability

| Vulnerability | OS Platform |
| --- | --- |
| Vulnerabilities CVE-2024-27239, CVE-2024-27246, CVE-2024-27245 are fixed in Zoom Rooms (6.0.0.4016) | Windows |
| Vulnerabilities CVE-2024-27239, CVE-2024-27246, CVE-2024-27245 are fixed in Zoom Rooms (x86) (6.0.0.4016) | Windows |
| Vulnerabilities CVE-2024-27239, CVE-2024-27246, CVE-2024-27245 are fixed in Zoom (x64) (5.17.11.34827) | Windows |
| Vulnerabilities CVE-2024-27239, CVE-2024-27246, CVE-2024-27245 are fixed in Zoom Client for VDI (5.17.11.24850) | Windows |
| Vulnerabilities CVE-2024-27239, CVE-2024-27246, CVE-2024-27245 are fixed in Zoom Client for VDI (MSI) (x64) (5.17.11.24850) | Windows |
| Vulnerabilities CVE-2024-27239, CVE-2024-27246, CVE-2024-27245 are fixed in Zoom (5.17.11.34827) | Windows |
| Vulnerabilities CVE-2024-27239, CVE-2024-27246, CVE-2024-27245 are fixed in Zoom VDI Universal Plugin (5.17.11.24850) | Windows |
| Multiple vulnerabilities are fixed in Zoom Rooms (6.0.0.4016) | Windows |
| Multiple vulnerabilities are fixed in Zoom Rooms (x86) (6.0.0.4016) | Windows |

Patch Details

Patches provided by ManageEngine for this CVE:

| Patch ID | Patch Description |
| --- | --- |
| PATCH-339050 | Zoom Rooms (6.0.7.4157) |
| PATCH-339051 | Zoom Rooms (x86) (6.0.7.4157) |
| PATCH-338637 | Zoom Workplace (x64) (6.0.11.39959) |
| PATCH-338387 | Zoom Client for VDI (5.17.12.24920) |
| PATCH-338388 | Zoom Client for VDI (MSI) (x64) (5.17.12.24920) |
| PATCH-338636 | Zoom Workplace (6.0.11.39959) |
| PATCH-337832 | Zoom VDI Universal Plugin (5.17.11.24850) |
| PATCH-339749 | Zoom Rooms (6.1.0.4333) |
