Security Advisory – Medium Severity Information Disclosure Vulnerability in Zoom Windows Clients

Zoom has announced a medium severity vulnerability, CVE-2024-24696, affecting its Windows Desktop and VDI Clients, and Meeting SDK. This flaw, with a CVSS score of 6.8, involves improper input validation in the in-meeting chat feature, potentially allowing information disclosure via network access by an authenticated user. Users are advised to update to the latest versions specified by Zoom to secure their systems against this vulnerability.

For more details, visit Zoom’s Security Bulletin.