Zoom Client < 5.1.3 RCE Vulnerability (Jul 2020) - Windows

The Zoom Client is prone to a remote code execution (RCE) vulnerability.

The vulnerability allows a remote attacker to execute arbitrary code on victim's computer where Zoom Client for Windows is installed by getting the user to perform some typical action such as opening a document file. No security warning is shown to the user in the course of attack.

Zoom Client versions prior to 5.1.3 on Windows.

Checks if a vulnerable version is present on the target host.

Update to version 5.1.3 or later. Note: The update information is based on the information provided by a 3rdparty article linked in the references. No official information is currently available.