vulnerability

Zoom: CVE-2022-22780: Zoom Team Chat Susceptible to Zip Bombing

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
8	(AV:N/AC:L/Au:N/C:N/I:N/A:C)	Feb 8, 2022	Nov 14, 2023	Sep 22, 2025

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:N/A:C)

Published

Feb 8, 2022

Added

Nov 14, 2023

Modified

Sep 22, 2025

Description

The Zoom Client for Meetings chat functionality was susceptible to Zip bombing attacks in the following product versions: Android before version 5.8.6, iOS before version 5.9.0, Linux before version 5.8.6, macOS before version 5.7.3, and Windows before version 5.6.3. This could lead to availability issues on the client host by exhausting system resources.

Solution

zoom-zoom-upgrade-latest

References

CWE-400
CVE-2022-22780
https://attackerkb.com/topics/CVE-2022-22780
URL-https://www.zoom.com/en/trust/security-bulletin/ZSB-22002

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today