Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Zoom Video Communications Inc — Vulnerabilities & Security Advisories 52

Browse all 52 CVE security advisories affecting Zoom Video Communications Inc. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Zoom Video Communications Inc operates a cloud-based video conferencing platform that facilitates remote communication for businesses and individuals. With 52 recorded CVEs, its historical vulnerability landscape has predominantly featured remote code execution (RCE) and cross-site scripting (XSS) flaws, often stemming from improper input validation in its client applications or web interfaces. Privilege escalation vulnerabilities have also been documented, allowing unauthorized access to sensitive meeting data or system resources. Notable incidents include the "Zoombombing" phenomenon, which highlighted significant privacy and access control weaknesses in early versions, prompting extensive security overhauls. While Zoom has since implemented end-to-end encryption and enhanced authentication measures, the persistent presence of RCE vulnerabilities in its desktop clients remains a critical concern for enterprise security teams, necessitating rigorous patch management and configuration audits to mitigate potential exploitation risks.

Top products by Zoom Video Communications Inc: Zoom On-Premise Meeting Connector MMR Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) Zoom Client for Meetings for Android Zoom Client for Meetings for MacOS Zoom Rooms for macOS Zoom Client for Meetings for Windows Zoom On-Premise Meeting Connector Controller Zoom (for Android, iOS, Linux, macOS, and Windows) clients before version 5.13.5 Zoom Rooms for Windows Keybase Client for Windows Zoom Client for Meetings for MacOS (Standard and for IT Admin) Zoom Rooms Installer for Windows Zoom (for Android, iOS, Linux, macOS, and Windows) Zoom Client for Meetings for IT Admin macOS installers Zoom Client for Meetings for IT Admin Windows installers Zoom for Windows Zoom On-Premise Meeting Connector Zoom for Android Zoom Client for Meetings for Ubuntu Linux Keybase Client for macOS Zoom Client for Meetings Installer for macOS (Standard and for IT Admin) Zoom Client for Meetings for Windows (32-bit) Keybase Client for Android Zoom Room for Conference Room for Windows Zoom On-Premise Meeting Connector Zone Controller (ZC) On-Premise Meeting Connectors Zoom Client for Meetings
CVE IDTitleCVSSSeverityPublished
CVE-2022-28749 Insufficient Authorization Check During Meeting Join — On-Premise Meeting Connectors 6.5 Medium2022-06-15
CVE-2022-22788 DLL injection in Zoom Opener installer for Zoom and Zoom Rooms clients — Zoom Client for Meetings 7.1 High2022-06-15
CVE-2022-22787 Insufficient hostname validation during Clusterswitch message in Zoom Client for Meetings — Zoom Client for Meetings for Android 5.9 Medium2022-05-18
CVE-2022-22786 Update package downgrade in Zoom Client for Meetings for Windows — Zoom Client for Meetings for Windows 7.5 High2022-05-18
CVE-2022-22785 Improperly constrained session cookies in Zoom Client for Meetings — Zoom Client for Meetings for Android 5.9 Medium2022-05-18
CVE-2022-22784 Improper XML Parsing in Zoom Client for Meetings — Zoom Client for Meetings for Android 8.1 High2022-05-18
CVE-2022-22783 Process memory exposure in Zoom on-premise Meeting services — Zoom On-Premise Meeting Connector Controller 6.5 Medium2022-04-28
CVE-2022-22782 Local privilege escalation in Windows Zoom Clients — Zoom Client for Meetings for Windows 7.9 High2022-04-28
CVE-2022-22781 Update package downgrade in Zoom Client for Meetings for MacOS — Zoom Client for Meetings for MacOS (Standard and for IT Admin) 7.5 High2022-04-28
CVE-2022-22780 Zoom Chat Susceptible to Zip Bombing — Zoom Client for Meetings for Android 4.7 Medium2022-02-09
CVE-2022-22779 Retained exploded messages in Keybase clients for macOS and Windows — Keybase Client for macOS 3.7 Low2022-02-09
CVE-2021-34426 Arbitrary command execution in Keybase Client for Windows — Keybase Client for Windows 5.3 Medium2021-12-14
CVE-2021-34425 Server Side Request Forgery in Zoom Client for Meetings chat — Zoom Client for Meetings for Android 4.7 Medium2021-12-14
CVE-2021-34424 Process memory exposure in Zoom Client and other products — Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) 7.5 -2021-11-24
CVE-2021-34423 Buffer overflow in Zoom client and other products — Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) 9.8 -2021-11-24
CVE-2021-34417 Authenticated remote command execution with root privileges via web console in MMR — Zoom On-Premise Meeting Connector Controller 7.9 High2021-11-11
CVE-2021-34418 Pre-auth Null pointer crash in on-premise web console — Zoom On-Premise Meeting Connector 4.0 Medium2021-11-11
CVE-2021-34419 HTML injection in Zoom Linux client — Zoom Client for Meetings for Ubuntu Linux 3.7 Low2021-11-11
CVE-2021-34420 Zoom Windows installation executable signature bypass — Zoom Client for Meetings for Windows 4.7 Medium2021-11-11
CVE-2021-34421 Retained exploded messages in Keybase Clients for Android and iOS — Keybase Client for Android 3.7 Low2021-11-11
CVE-2021-34422 Path traversal of file names in Keybase Client for Windows — Keybase Client for Windows 7.2 High2021-11-11
CVE-2021-34409 Zoom Client Installer Local Privilege Escalation — Zoom Client for Meetings for MacOS (Standard and for IT Admin) 7.8 High2021-09-27

This page lists every published CVE security advisory associated with Zoom Video Communications Inc. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.