Zoom Vulnerabilities

0
254
Zoom Vulnerabilities

Here we can see, “Zoom Vulnerabilities”

What is Zoom?

Zoom may be a cloud-based video conferencing service you’ll use to virtually meet with others – either by video or audio-only or both, all while conducting live chats – and it allows you to record those sessions to look at later. Over half of Fortune 500 companies reportedly used concentrate in 2019, and through 2020, it hit even greater heights, racking up 227 percent growth over the year.

When people talk about Zoom, you’ll usually hear the subsequent phrases: Zoom Meeting and Zoom Room. A-Zoom Meeting refers to a video conferencing meeting that’s hosted using Zoom. you’ll join these meetings via a webcam or phone. Meanwhile, a Zoom Room is the physical hardware setup that lets companies schedule and launches Zoom Meetings from their conference rooms.

Zoom Rooms require a further subscription on top of a Zoom subscription and are a perfect solution for larger companies.

Zoom Vulnerabilities Demonstrated in DEF CON Talk

A security researcher demonstrated multiple vulnerabilities, two of which could let an attacker read and steal user data.

Zoom has patched multiple vulnerabilities discovered by a security researcher who presented his findings during a DEF CON 28 talk. 

Security researcher Mazin Ahmed discovered vulnerabilities affecting Zoom’s production and development infrastructure, the Zoom Linux app, and Zoom’s implementation of end-to-end encryption. Ahmed first found a memory leak vulnerability affecting an API belonging to Zoom production infrastructure and reported it to the corporate in April.

Following this, he discovered more vulnerabilities, which were reported with additional follow-up in July. Zoom acknowledged receipt and provided a conclusive response; many of the problems were patched in Zoom version 5.2.4, which was released on Aug. 3.

In a write-up, Ahmed explained the issues he found and how Zoom responded. one among the subjects was within the Zoom Launcher implementation. Attackers could exploit Zoom Launcher for Linux to run their software, which he says “breaks all of the protection of application whitelisting” and will let malware run as a subprocess of Zoom. 

Attackers would wish to compromise a machine by other means to take advantage of this, Zoom says. Therefore the vulnerability would only work if they were running the Linux OS and using Zoom for the primary time. A patch was issued in version 5.2.0 on Aug. 2.

In another issue affecting Linux, Ahmed found the Zoom local database implementation allows Zoom to store custom configurations and user data. Assuming there’s already access to a user’s machine, anyone could read and exfiltrate Zoom user data and design, he explains. The user would even have to be running Linux. Zoom also patched this vulnerability in version 5.2.0.

Zoom has reached bent provide the subsequent statement: “We thank Mazin for reporting his findings. we’ve fixed all relevant issues and recommend that users keep their Zoom clients up so far to make sure they receive ongoing security and merchandise updates. Zoom appreciates vulnerability reports from researchers.” those that think they’ve discovered a Zoom security issue are encouraged to send an in-depth report back to security@zoom.us.

What were the two Zoom vulnerabilities?

Talos’ first vulnerability was an exploitable path traversal vulnerability within the Zoom app version 4.6.10 associated with the GIF functionality. Tracked as CVE-2020-6109, an attacker must send a specially crafted message to a target user or group to trigger the vulnerability. 

“Only Giphy servers were originally alleged to be used for this feature in Zoom,” Talos‘ Jon Munshaw says. “However, the content from an arbitrary server would be loaded during this case, which might be abused to further leak information or abuse other vulnerabilities.”

Talos says there’s a server-side fix for this issue, but the researchers believe it “still requires a fix on the client-side to resolve the safety risk completely.”

The second vulnerability, fixed in May, maybe a Zoom client application chat code snippet RCE vulnerability tracked as CVE-2020-6110. All an attacker would wish to try to to to trigger this vulnerability is sent a specially crafted message. For the significant severe impact, target user interaction is required, Talos said. 

In an email, Zoom told me it had addressed both issues in its late April release. “Zoom’s fixes included both a server-side and client-side patch,” a spokesman told me, adding that users can help keep themselves secure “by applying current updates or downloading the newest Zoom software.”