CVE-2023-49647

Improper access control in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom SDKs for Windows before version 5.16.10 may allow an authenticated user to conduct an escalation of privilege via local access.
References
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:zoom:meeting_software_development_kit:*:*:*:*:*:windows:*:*
cpe:2.3:a:zoom:video_software_development_kit:*:*:*:*:*:windows:*:*
cpe:2.3:a:zoom:zoom:*:*:*:*:*:windows:*:*

Configuration 2 (hide)

AND
OR cpe:2.3:a:zoom:virtual_desktop_infrastructure:*:*:*:*:*:*:*:*
cpe:2.3:a:zoom:virtual_desktop_infrastructure:*:*:*:*:*:*:*:*
cpe:2.3:a:zoom:virtual_desktop_infrastructure:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

History

20 Sep 2024, 15:15

Type Values Removed Values Added
CWE CWE-284 CWE-266

22 Jan 2024, 14:23

Type Values Removed Values Added
New CVE

Information

Published : 2024-01-12 22:15

Updated : 2024-09-20 15:15


NVD link : CVE-2023-49647

Mitre link : CVE-2023-49647

CVE.ORG link : CVE-2023-49647


JSON object : View

Products Affected

microsoft

  • windows

zoom

  • virtual_desktop_infrastructure
  • video_software_development_kit
  • meeting_software_development_kit
  • zoom
CWE
NVD-CWE-noinfo CWE-266

Incorrect Privilege Assignment