Earlier this week a security researcher shared a remote code execution "0day" vulnerability in Zoom Client for Windows with our team. The vulnerability allows a remote attacker to execute arbitrary code on victim's computer where Zoom Client for Windows (any currently supported version) is installed by getting the user to perform some typical action such as opening a document file. No security warning is shown to the user in the course of attack.
The researcher (who wants to keep their identity private) stated that they did not report the vulnerability to Zoom either directly or through a broker, but would not object to us reporting it to Zoom.
Analysis
0patch analyzed the issue and determined it to be only exploitable on Windows 7 and older Windows systems. While Microsoft's official support for Windows 7 has ended this January, there are still millions of home and corporate users out there prolonging its life with Microsoft's Extended Security Updates or with 0patch.
0patch then documented the issue along with several attack scenarios, and reported it to Zoom earlier today along with a working proof of concept and recommendations for fixing. Should a bug bounty be awarded by Zoom, it shall be waived in favor of a charity of researcher's choice.
0 Day remote code execution vulnerability in ZOOM client for windows
Subscribe to:
Post Comments (Atom)
FortiManager Zero-Day Exploit: Fortinet Issues Urgent Security Warning
Fortinet Issues Urgent Warning About Critical FortiManager Vulnerability (CVE-2024-47575) Fortinet has publicly disclosed a critical vulne...
-
DigiCert's Revocation of 83,000 Certificates: A Critical Security Move DigiCert has begun the process of revoking over 83,000 SSL/TLS ...
-
The notorious Craxs Rat malware has recently unleashed its latest version, Update V5, introducing a range of new features and enhancements....
-
In the dark alleys of the internet, a new breed of cybercriminals is quietly perfecting their art. Meet the villains behind the alarming s...
No comments:
Post a Comment