Multiple vulnerabilities in Zoom

Описание

Multiple vulnerabilities were found in Zoom. Malicious users can exploit these vulnerabilities to gain privileges, bypass security restrictions, execute arbitrary code.

Below is a complete list of vulnerabilities:

1. Insufficient hostname validation vulnerability can be exploited remotely to gain privileges.
2. Security vulnerability can be exploited to bypass security restrictions.
3. Improperly constrained session cookies vulnerability can be exploited remotely to gain privileges.
4. Improper XML Parsing can be exploited remotely to execute arbitrary code.

Первичный источник обнаружения

• Zoom Security Bulletin
  

Эксплуатация

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Связанные продукты

• Zoom-MSI

Список CVE

• CVE-2022-22787
  high
• CVE-2022-22786
  high
• CVE-2022-22785
  high
• CVE-2022-22784
  high

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com