Zoom has joined the CVE Program as a CVE Numbering Authority (CNA).
“This is a significant milestone for us as our security program continues to mature here at Zoom,” the company said. “We’re excited to receive CNA status and to collaborate with the wider security community.”
The CVE Program’s overall mission is to identify, define, and catalog publicly disclosed cybersecurity vulnerabilities that require third-party notification or coordination to fully remediate. Cybersecurity and IT professionals use CVE records to ensure they are discussing the same security issue, coordinate their efforts, and prioritize and address vulnerabilities. The program is an international, community-based effort and relies on the industry norms of the responsible and coordinated security community to discover vulnerabilities.
As a CNA, Zoom may assign CVE identification numbers to newly discovered security vulnerabilities and publish related details in associated CVE Records.
Source: https://www.securitymagazine.com/articles/95119-zoom-joins-cve-program-as-a-cve-numbering-authority-cna