Zoom Client for Meetings Vulnerability: Server Switch Request Hostname Validation Failure

Zoom Client for Meetings Vulnerability: Server Switch Request Hostname Validation Failure

CVE-2022-22787 · HIGH Severity

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.10.0 fails to properly validate the hostname during a server switch request. This issue could be used in a more sophisticated attack to trick an unsuspecting users client to connect to a malicious server when attempting to use Zoom services.

Learn more about our Cis Benchmark Audit For Apple Ios.