Vulnerability cyber

Zoom

Apr 8, 2025 1 min read
Zoom

Zoom released updates for vulnerabilities across various platforms, including the most severe cross-site scripting flaw which could compromise user data integrity. The vulnerabilities, with medium to low CVSS scores, could be exploited to inject malicious scripts or cause denial of service. Zoom addressed the issues in their latest updates for an extensive range of applications including desktop, mobile, VDI clients, Zoom Rooms, and the Meeting SDK.

Source: https://cybersecuritynews.com/zoom-workplace-apps-vulnerability/

TPRM report: https://scoringcyber.rankiteo.com/company/zoom-video-communications

"id": "zoo642040825",
"linkid": "zoom-video-communications",
"type": "Vulnerability",
"date": "4/2025",
"severity": "50",
"impact": "1",
"explanation": "Attack without any consequences"
{'affected_entities': [{'industry': 'Technology',
                        'name': 'Zoom',
                        'type': 'Company'}],
 'attack_vector': 'Cross-Site Scripting (XSS)',
 'data_breach': {'type_of_data_compromised': 'User data integrity'},
 'description': 'Zoom released updates for vulnerabilities across various '
                'platforms, including the most severe cross-site scripting '
                'flaw which could compromise user data integrity. The '
                'vulnerabilities, with medium to low CVSS scores, could be '
                'exploited to inject malicious scripts or cause denial of '
                'service. Zoom addressed the issues in their latest updates '
                'for an extensive range of applications including desktop, '
                'mobile, VDI clients, Zoom Rooms, and the Meeting SDK.',
 'impact': {'data_compromised': 'User data integrity',
            'systems_affected': ['Desktop',
                                 'Mobile',
                                 'VDI clients',
                                 'Zoom Rooms',
                                 'Meeting SDK']},
 'motivation': ['Inject malicious scripts', 'Cause denial of service'],
 'post_incident_analysis': {'corrective_actions': 'Released updates for '
                                                  'various platforms'},
 'response': {'remediation_measures': 'Released updates for various platforms'},
 'title': 'Zoom Cross-Site Scripting Vulnerability',
 'type': 'Vulnerability',
 'vulnerability_exploited': 'Cross-Site Scripting (XSS)'}
Published by
Jeremy C
Jeremy C
You might also like
Vulnerability cyber

Nvidia

public 2 min read
Nvidia advised customers to ensure mitigations against Rowhammer attacks after researchers found one of its workstation-grade GPUs is susceptible. The…
Jeremy C Jeremy C
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.