[MART] - Daily Diary #518 - New Zoom Vulnerabilities Discovered

CTAS-MAT ctas-mat at appgate.com
Wed May 25 22:36:35 UTC 2022


Hello,

I hope everyone is doing well!

Below is the entry for today.

05/25/2022 - Diary entry #518:

Zoom is a cloud-based video conferencing platform used for meetings, webinars, and live chat whose popularity surged when the pandemic began. That popularity came with a downside: as Zoom's security issues started to emerge, companies and end users' devices became targets.

Earlier this month, four Zoom flaws with medium to high severity scores were disclosed. The two less critical ones concern improperly constrained session cookies and insufficient hostname validation during a server switch in the Zoom client. The two more severe ones, CVE-2022-22786 (CVSS score: 7.5) and CVE-2022-22784 (CVSS score: 8.1), respectively allow an attacker to downgrade the Zoom Windows client's update package to an older version and to exploit improper XML parsing in the client.

By chaining these vulnerabilities, an attacker can trick a vulnerable client into connecting to a malicious server and then push a downgrade to an older, less secure client version, ultimately achieving arbitrary code execution. While the downgrade attack affects only the Windows version, the other vulnerabilities impact the Android, iOS, Linux, macOS, and Windows clients.

Video conferencing platforms are today a heavily targeted attack surface: if successfully exploited, they can allow sophisticated threat actors to break into devices and carry out espionage or pivot to other attacks. It is therefore crucial to keep these applications updated and to harden the environments they run in.

Kind Regards,




Felipe Tarijon de Almeida
Malware Analyst
Appgate

E: felipe.tarijon at appgate.com<mailto:felipe.tarijon at appgate.com>

