CVE-2023-43585

7.1 HIGH

📋 TL;DR

This vulnerability in Zoom Mobile App for iOS and Zoom SDKs for iOS allows authenticated users to access information they shouldn't have permission to view via network connections. It affects users running Zoom iOS versions before 5.16.5 who are logged into their accounts.

💻 Affected Systems

Products:
  • Zoom Mobile App for iOS
  • Zoom SDKs for iOS
Versions: All versions before 5.16.5
Operating Systems: iOS
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects iOS versions of Zoom. Requires user authentication to exploit.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Authenticated attackers could access sensitive meeting data, chat history, or user information that should be protected by access controls.

🟠 Likely Case: Users with legitimate Zoom accounts could accidentally or intentionally access information from meetings or groups they weren't invited to.

🟢 If Mitigated: With proper access controls and updated software, users can only access information they're explicitly authorized to view.

🌐 Internet-Facing: MEDIUM - Exploitation requires network access and authenticated user credentials, but vulnerable apps connect to internet services.
🏢 Internal Only: LOW - The vulnerability requires authenticated access, making it less likely to be exploited from purely internal positions without valid credentials.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires authenticated user access and understanding of Zoom's API/network protocols.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 5.16.5 and later

Vendor Advisory: https://www.zoom.com/en/trust/security-bulletin/ZSB-23058/

Restart Required: Yes

Instructions:

1. Open the App Store on the iOS device.
2. Search for 'Zoom'.
3. Tap 'Update' if available, or ensure the version is 5.16.5+.
4. Restart the Zoom app after the update.

🔧 Temporary Workarounds

Restrict Zoom Access

Limit Zoom app usage to trusted networks only and monitor for unusual access patterns.

🧯 If You Can't Patch

  • Implement network segmentation to isolate Zoom traffic and monitor for unauthorized data access
  • Enforce strict access controls and audit user permissions within Zoom organization settings

🔍 How to Verify

Check if Vulnerable:

Check Zoom app version in iOS Settings > General > iPhone Storage > Zoom, or open Zoom app > tap profile > About Zoom

Check Version:

Not applicable for iOS apps - use manual version check in app settings

Verify Fix Applied:

Confirm Zoom app version is 5.16.5 or higher using the same method
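
For a fleet, the same version check can be run over an app inventory export instead of device by device. The script below is an added example, not part of the vendor advisory or of Zoom's tooling; the CSV column names, the "Zoom" app name and the sample rows are constructed assumptions. It compares versions numerically, because plain string comparison misorders releases such as 5.9.6 and 5.16.10.

```python
import csv
import io
import re

FIXED = (5, 16, 5)  # first fixed release per the advisory on this page

# Constructed sample export; column names are assumptions, not a real MDM schema.
SAMPLE_INVENTORY = """device,app_name,app_version
iphone-001,Zoom,5.16.5
iphone-002,Zoom,5.9.6 (3214)
ipad-003,Zoom,5.16.10
iphone-004,Zoom,5.16
iphone-005,Zoom,unknown
iphone-006,Slack,4.1.0
"""

def parse_version(text):
    """Return the leading dotted version as an int tuple, or None if absent."""
    m = re.match(r"\s*(\d+(?:\.\d+)*)", text)
    if not m:
        return None
    parts = tuple(int(p) for p in m.group(1).split("."))
    # Pad so "5.16" compares as 5.16.0 rather than as a shorter tuple.
    return parts + (0,) * (len(FIXED) - len(parts))

def classify(version_text):
    """'vulnerable' if below 5.16.5, 'fixed' if at or above, else 'review'."""
    v = parse_version(version_text)
    if v is None:
        return "review"  # unparsable: fall back to the manual in-app check
    return "vulnerable" if v < FIXED else "fixed"

def audit(csv_text):
    """Map device -> status for every inventory row whose app name is Zoom."""
    results = {}
    for row in csv.DictReader(io.StringIO(csv_text)):
        if row["app_name"].strip().lower() == "zoom":
            results[row["device"]] = classify(row["app_version"])
    return results

if __name__ == "__main__":
    for device, status in audit(SAMPLE_INVENTORY).items():
        print(f"{device}: {status}")
```

Apps that embed the Zoom SDK for iOS do not appear under the Zoom name in an inventory, so this check does not cover them.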

📡 Detection & Monitoring

Log Indicators:

  • Unusual API calls to Zoom endpoints
  • Access patterns showing users accessing meetings/groups they shouldn't have permissions for

Network Indicators:

  • Abnormal data transfer volumes from Zoom app
  • Requests to Zoom APIs with unexpected parameters

SIEM Query:

source="zoom" AND (event_type="unauthorized_access" OR user_activity="unusual_pattern")
