Security Advisory – Medium Severity Information Disclosure Vulnerability in Zoom Clients

Zoom has released details about CVE-2024-24699, a medium severity vulnerability with a CVSS score of 6.5, affecting various Zoom clients including Desktop, VDI, and Mobile Apps across multiple platforms. This business logic error in in-meeting chat could allow an authenticated user to disclose information via network access. Users are advised to update their software to the latest versions for protection.

Further details can be found on Zoom’s Security Bulletin.