Zoom Security Vulnerabilities (CVEs)

Track 84 security vulnerabilities affecting Zoom products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.

7 Critical

41 High

36 Medium

Sort by:

🔔 Get Alerts for Zoom

CVE-2024-27244 6.7

This vulnerability in Zoom Workplace VDI App for Windows allows authenticated local users to escalate privileges due to insufficient verification of d...

May 15, 2024

CVE-2024-24693 7.2

An improper access control vulnerability in the Zoom Rooms Client for Windows installer allows authenticated local users to cause denial of service. T...

Mar 13, 2024

CVE-2024-24691 9.6

This vulnerability allows an unauthenticated attacker on the same network to escalate privileges on Windows systems running affected Zoom software. It...

Feb 14, 2024

CVE-2024-24697 7.2

This vulnerability allows an authenticated user on a Windows system to escalate privileges by exploiting an untrusted search path in Zoom's 32-bit cli...

Feb 14, 2024

CVE-2023-49647 8.8

This vulnerability allows authenticated users on Windows systems to escalate their privileges through local access to the Zoom Desktop Client, Zoom VD...

Jan 12, 2024

CVE-2023-43585 7.1

This vulnerability in Zoom Mobile App for iOS and Zoom SDKs for iOS allows authenticated users to access information they shouldn't have permission to...

Dec 13, 2023

CVE-2023-43590 7.8

This vulnerability in Zoom Rooms for macOS allows authenticated users with local access to escalate privileges through improper link following. Attack...

Nov 15, 2023

CVE-2023-39215 7.1

This vulnerability in Zoom clients allows authenticated users to cause denial of service attacks through network access. It affects Zoom users who hav...

Sep 12, 2023

CVE-2023-39201 7.2

This CVE describes an untrusted search path vulnerability in CleanZoom (Zoom's cleaning utility) that allows a privileged user to escalate privileges ...

Sep 12, 2023

CVE-2023-39211 8.8

This vulnerability in Zoom Desktop Client and Zoom Rooms for Windows allows authenticated local users to access sensitive information they shouldn't h...

Aug 8, 2023

CVE-2023-39213 9.6

This vulnerability in Zoom Desktop Client for Windows and Zoom VDI Client allows an unauthenticated attacker to escalate privileges via network access...

Aug 8, 2023

CVE-2023-39216 9.6

An improper input validation vulnerability in Zoom Desktop Client for Windows allows unauthenticated attackers to escalate privileges via network acce...

Aug 8, 2023

CVE-2023-36533 7.1

This vulnerability in Zoom SDKs allows unauthenticated attackers to cause denial of service by consuming excessive resources through network access. I...

Aug 8, 2023

CVE-2023-36534 9.3

A path traversal vulnerability in Zoom Desktop Client for Windows allows unauthenticated attackers to escalate privileges via network access. This aff...

Aug 8, 2023

CVE-2023-36540 7.3

This vulnerability in Zoom Desktop Client for Windows allows an authenticated local user to escalate privileges through an untrusted search path in th...

Aug 8, 2023

CVE-2023-36537 7.3

This vulnerability in Zoom Rooms for Windows allows authenticated local users to escalate their privileges on the system. Attackers with standard user...

Jul 11, 2023

CVE-2023-34118 7.3

This vulnerability in Zoom Rooms for Windows allows authenticated users with local access to escalate privileges on the system. It affects organizatio...

Jul 11, 2023

CVE-2023-34116 8.2

An improper input validation vulnerability in Zoom Desktop Client for Windows allows unauthorized users to escalate privileges via network access. Thi...

Jul 11, 2023

CVE-2023-28601 8.3

This vulnerability in Zoom for Windows allows a malicious user to manipulate protected memory buffers, potentially compromising the integrity of the Z...

Jun 13, 2023

CVE-2023-28603 7.7

The Zoom VDI client installer prior to version 5.14.0 contains an improper access control vulnerability that allows a malicious user to delete local f...

Jun 13, 2023

CVE-2023-34120 8.7

This vulnerability allows authenticated users on Windows systems to escalate privileges by leveraging Zoom client's elevated system permissions to spa...

Jun 13, 2023

CVE-2023-28598 7.5

Zoom for Linux clients prior to version 5.13.10 contain an HTML injection vulnerability (CWE-79) that allows malicious users to inject arbitrary HTML ...

Jun 13, 2023

CVE-2023-28597 8.3

Zoom clients before version 5.13.5 have a vulnerability where saving recordings to SMB locations and opening them via Zoom's web portal can allow adja...

Mar 27, 2023

CVE-2022-22786 7.5

This vulnerability allows attackers to trick users into downgrading their Zoom client to a less secure version by exploiting improper version checking...

May 18, 2022

CVE-2022-22781 7.5

This vulnerability in Zoom Client for MacOS allows attackers to downgrade users to older, less secure versions during the update process. It affects M...

Apr 28, 2022

CVE-2021-34424 7.5

This vulnerability in Zoom clients and servers allows attackers to read arbitrary memory contents, potentially exposing sensitive information like ses...

Nov 24, 2021

CVE-2021-34417 7.9

This vulnerability allows remote command injection through the network proxy configuration page in Zoom's on-premise components. An authenticated web ...

Nov 11, 2021

CVE-2021-33907 9.8

This vulnerability allows attackers to execute arbitrary code with elevated privileges by exploiting improper certificate validation during Zoom Clien...

Sep 27, 2021

CVE-2021-34409 7.8

This vulnerability allows a malicious actor with local access to a macOS system to exploit improper permissions on installation scripts, potentially e...

Sep 27, 2021

CVE-2021-34411 7.8

This vulnerability allows local privilege escalation during Zoom Rooms for Windows installation. If the installer runs with elevated privileges (like ...

Sep 27, 2021

CVE-2021-34413 7.5

A Time-of-check Time-of-use (TOC/TOU) vulnerability in the Zoom Plugin for Microsoft Outlook on macOS allows standard users to write malicious applica...

Sep 27, 2021

CVE-2021-34415 7.5

This vulnerability in Zoom On-Premise Meeting Connector Controller allows attackers to crash the Zone Controller service by sending specially crafted ...

Sep 27, 2021

CVE-2021-34416 9.8

This vulnerability allows authenticated administrators of Zoom's on-premise web portal to execute arbitrary commands on the underlying system by sendi...

Sep 27, 2021

CVE-2021-30480 8.5

This vulnerability allows remote authenticated attackers within the same Zoom organization or accepted external contacts to execute arbitrary code on ...

Apr 9, 2021

← Previous Page 2 of 2

Why Monitor Zoom Security Vulnerabilities?

Real-time CVE tracking: Our automated system monitors 84+ known vulnerabilities affecting Zoom products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.

Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Zoom packages in under 60 seconds. No agents required - completely agentless scanning that works across Zoom deployments.

Free vulnerability database: Access detailed information about every Zoom CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.

🚀 Get Started in 60 Seconds

Register free account & add your servers
Run one-time scan or schedule automatic monitoring (every 1-24 hours)
Receive instant alerts when new Zoom CVEs affect your systems
Access dashboard with severity breakdown & fix instructions

Start Monitoring Zoom CVEs Free