CVE-2022-28750

HIGH

Zoom On-Premise Meeting Connector Zone Controller (ZC) <4.8.2022041...

Title source: llm

Description

Zoom On-Premise Meeting Connector Zone Controller (ZC) before version 4.8.20220419.112 fails to properly parse STUN error codes, which can result in memory corruption and could allow a malicious actor to crash the application. In versions older than 4.8.12.20211115, this vulnerability could also be leveraged to execute arbitrary code.

References (1)

Core 1

Core References

Vendor Advisory x_refsource_misc

https://explore.zoom.us/en/trust/security/security-bulletin/

Scores

CVSS v3 7.5

EPSS 0.0064

EPSS Percentile 70.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-121 CWE-787

Status published

Products (1)

zoom/meeting_connector < 4.8.20220419.112

Published Aug 11, 2022

Tracked Since Feb 18, 2026