CVE-2021-34424 | Process memory exposure in Zoom Client and other products

A vulnerability was discovered in the Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.8.4, Zoom Client for Meetings for Blackberry (for Android and iOS) before version 5.8.1, Zoom Client for Meetings for intune (for Android and iOS) before version 5.8.4, Zoom Client for Meetings for Chrome OS before version 5.0.1, Zoom Rooms for Conference Room (for Android, AndroidBali, macOS, and Windows) before version 5.8.3, Controllers for Zoom Rooms (for Android, iOS, and Windows) before version 5.8.3, Zoom VDI Windows Meeting Client before version 5.8.4, Zoom VDI Azure Virtual Desktop Plugins (for Windows x86 or x64, IGEL x64, Ubuntu x64, HP ThinPro OS x64) before version 5.8.4.21112, Zoom VDI Citrix Plugins (for Windows x86 or x64, Mac Universal Installer & Uninstaller, IGEL x64, eLux RP6 x64, HP ThinPro OS x64, Ubuntu x64, CentOS x 64, Dell ThinOS) before version 5.8.4.21112, Zoom VDI VMware Plugins (for Windows x86 or x64, Mac Universal Installer & Uninstaller, IGEL x64, eLux RP6 x64, HP ThinPro OS x64, Ubuntu x64, CentOS x 64, Dell ThinOS) before version 5.8.4.21112, Zoom Meeting SDK for Android before version 5.7.6.1922, Zoom Meeting SDK for iOS before version 5.7.6.1082, Zoom Meeting SDK for macOS before version 5.7.6.1340, Zoom Meeting SDK for Windows before version 5.7.6.1081, Zoom Video SDK (for Android, iOS, macOS, and Windows) before version 1.1.2, Zoom on-premise Meeting Connector before version 4.8.12.20211115, Zoom on-premise Meeting Connector MMR before version 4.8.12.20211115, Zoom on-premise Recording Connector before version 5.1.0.65.20211116, Zoom on-premise Virtual Room Connector before version 4.4.7266.20211117, Zoom on-premise Virtual Room Connector Load Balancer before version 2.5.5692.20211117, Zoom Hybrid Zproxy before version 1.0.1058.20211116, and Zoom Hybrid MMR before version 4.6.20211116.131_x86-64 which potentially allowed for the exposure of the state of process memory. This issue could be used to potentially gain insight into arbitrary areas of the product's memory.

Published: 2021-11-24 Last update: 2026-06-16 Assigner: [email protected] Source: [email protected]

Conclusion & alert: CVE-2021-34424 is rated Moderate Risk (57.2/100): CVSS High severity, with medium exploitation likelihood (EPSS 1.67%). Core evidence: EPSS rose +1.40% over the last day, indicating growing attacker interest. Mandatory action: Review affected assets and schedule remediation.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Exploit prediction scoring system (EPSS) score for CVE-2021-34424

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

# Date Old EPSS score New EPSS score Delta (New - Old)
1 2026-06-15 0.27% 1.67% +1.40%
2 2025-12-23 0.50% 0.27% -0.23%
3 2025-11-21 0.50%

Full EPSS history (17 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2021-34424

CVSS metrics for this CVE.

Base score Version Severity Vector Exploitability Impact Score source
7.5 3.1 HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Click to expand
Attack vector (AV:N)
Could be attacked over the internet or any normal routed network—not just someone sitting at the machine.
Attack complexity (AC:L)
Once they can reach the bug, pulling it off is straightforward—no weird race conditions or rare setup.
Privileges required (PR:N)
No account or special rights needed—anonymous or random user is enough.
User interaction (UI:N)
Nobody has to click “OK” or open a trap file; it can work without a victim helping.
Scope (S:U)
Damage stays in the same “trust bubble” as the broken component—no big spill into unrelated systems.
Confidentiality (C:H)
Serious risk that confidential data gets exposed in a big way.
Integrity (I:N)
Data isn’t meaningfully altered or forged.
Availability (A:N)
Service keeps running; no real outage angle.
3.9 3.6 [email protected]
5.3 3.0 MEDIUM
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Click to expand
Attack vector (AV:N)
Could be attacked over the internet or any normal routed network—not just someone sitting at the machine.
Attack complexity (AC:L)
Once they can reach the bug, pulling it off is straightforward—no weird race conditions or rare setup.
Privileges required (PR:N)
No account or special rights needed—anonymous or random user is enough.
User interaction (UI:N)
Nobody has to click “OK” or open a trap file; it can work without a victim helping.
Scope (S:U)
Damage stays in the same “trust bubble” as the broken component—no big spill into unrelated systems.
Confidentiality (C:L)
Some sensitive info could get out, but not a total data dump.
Integrity (I:N)
Data isn’t meaningfully altered or forged.
Availability (A:N)
Service keeps running; no real outage angle.
3.9 1.4 [email protected]
5.0 2.0 MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N Click to expand
Access vector (AV:N)
Can be exploited remotely over network reachability.
Access complexity (AC:L)
Exploitation conditions are straightforward and predictable.
Authentication (AU:N)
No authentication is required.
Confidentiality impact (C:P)
Partial confidentiality impact.
Integrity impact (I:N)
No integrity impact.
Availability impact (A:N)
No availability impact.
10.0 2.9 [email protected]

Weakness enumeration for CVE-2021-34424

Affected software / configurations for CVE-2021-34424

Vendor Product Version Raw CPE
zoom meetings < 5.8.3 cpe:2.3:a:zoom:meetings:*:*:*:*:*:*:*:*
zoom meetings < 5.8.4 cpe:2.3:a:zoom:meetings:*:*:*:*:*:*:*:*
zoom meetings_for_blackberry < 5.8.1 cpe:2.3:a:zoom:meetings_for_blackberry:*:*:*:*:*:*:*:*
zoom meetings_for_intune < 5.8.4 cpe:2.3:a:zoom:meetings_for_intune:*:*:*:*:*:*:*:*
zoom meetings_for_chrome_os < 5.0.1 cpe:2.3:a:zoom:meetings_for_chrome_os:*:*:*:*:*:*:*:*
zoom rooms_for_conference_rooms < 5.8.3 cpe:2.3:a:zoom:rooms_for_conference_rooms:*:*:*:*:*:*:*:*
zoom controllers_for_zoom_rooms < 5.8.3 cpe:2.3:a:zoom:controllers_for_zoom_rooms:*:*:*:*:*:*:*:*
zoom virtual_desktop_infrastructure < 5.8.4 cpe:2.3:a:zoom:virtual_desktop_infrastructure:*:*:*:*:*:*:*:*
zoom android_meeting_sdk < 5.7.6.1922 cpe:2.3:a:zoom:android_meeting_sdk:*:*:*:*:*:*:*:*
zoom iphone_os_meeting_sdk < 5.7.6.1082 cpe:2.3:a:zoom:iphone_os_meeting_sdk:*:*:*:*:*:*:*:*
zoom macos_meeting_sdk < 5.7.6.1340 cpe:2.3:a:zoom:macos_meeting_sdk:*:*:*:*:*:*:*:*
zoom windows_meeting_sdk < 5.7.6.1081 cpe:2.3:a:zoom:windows_meeting_sdk:*:*:*:*:*:*:*:*
zoom android_video_sdk < 1.1.2 cpe:2.3:a:zoom:android_video_sdk:*:*:*:*:*:*:*:*
zoom iphone_os_video_sdk < 1.1.2 cpe:2.3:a:zoom:iphone_os_video_sdk:*:*:*:*:*:*:*:*
zoom macos_video_sdk < 1.1.2 cpe:2.3:a:zoom:macos_video_sdk:*:*:*:*:*:*:*:*
zoom windows_video_sdk < 1.1.2 cpe:2.3:a:zoom:windows_video_sdk:*:*:*:*:*:*:*:*
zoom hybrid_mmr < 4.6.20211116.131 cpe:2.3:a:zoom:hybrid_mmr:*:*:*:*:*:*:*:*
zoom hybrid_zproxy < 1.0.1058.20211116 cpe:2.3:a:zoom:hybrid_zproxy:*:*:*:*:*:*:*:*
zoom zoom_on-premise_meeting_connector_controller < 4.8.12.20211115 cpe:2.3:a:zoom:zoom_on-premise_meeting_connector_controller:*:*:*:*:*:*:*:*
zoom zoom_on-premise_meeting_connector_mmr < 4.8.12.20211115 cpe:2.3:a:zoom:zoom_on-premise_meeting_connector_mmr:*:*:*:*:*:*:*:*
zoom zoom_on-premise_recording_connector < 5.1.0.65.20211116 cpe:2.3:a:zoom:zoom_on-premise_recording_connector:*:*:*:*:*:*:*:*
zoom zoom_on-premise_virtual_room_connector < 4.4.7266.20211117 cpe:2.3:a:zoom:zoom_on-premise_virtual_room_connector:*:*:*:*:*:*:*:*
zoom zoom_on-premise_virtual_room_connector_load_balancer < 2.5.5692.20211117 cpe:2.3:a:zoom:zoom_on-premise_virtual_room_connector_load_balancer:*:*:*:*:*:*:*:*
zoom vdi_azure_virtual_desktop < 5.8.4.21112 cpe:2.3:a:zoom:vdi_azure_virtual_desktop:*:*:*:*:*:*:*:*
zoom vdi_citrix < 5.8.4.21112 cpe:2.3:a:zoom:vdi_citrix:*:*:*:*:*:*:*:*
zoom vdi_vmware < 5.8.4.21112 cpe:2.3:a:zoom:vdi_vmware:*:*:*:*:*:*:*:*

References for CVE-2021-34424

cvelogic Threat Intelligence