Searching
..

Click anywhere to stop

KLA12539
Multiple vulnerabilities in Zoom

Обновлено: 22/01/2024
Дата обнаружения
17/05/2022
Уровень угрозы
High
Описание

Multiple vulnerabilities were found in Zoom. Malicious users can exploit these vulnerabilities to gain privileges, bypass security restrictions, execute arbitrary code.

Below is a complete list of vulnerabilities:

  1. Insufficient hostname validation vulnerability can be exploited remotely to gain privileges.
  2. Security vulnerability can be exploited to bypass security restrictions.
  3. Improperly constrained session cookies vulnerability can be exploited remotely to gain privileges.
  4. Improper XML Parsing can be exploited remotely to execute arbitrary code.
Эксплуатация

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Пораженные продукты

Zoom for Windows earlier than 5.10.0

Решение

Update to the latest version
Download Zoom

Первичный источник обнаружения
Zoom Security Bulletin
Оказываемое влияние
?
ACE 
[?]

DoS 
[?]

SB 
[?]

PE 
[?]
Связанные продукты
Zoom MSI
CVE-IDS
Узнай статистику распространения уязвимостей в твоем регионе