Уязвимости Угрозы

English Russian Japanese LatAm Türkiye Brasil France Český Deutschland

KLA12539
Multiple vulnerabilities in Zoom

Обновлено: 19/05/2022
Дата обнаружения
 17/05/2022
Уровень угрозы
 High
Описание

Multiple vulnerabilities were found in Zoom. Malicious users can exploit these vulnerabilities to gain privileges, bypass security restrictions, execute arbitrary code.

Below is a complete list of vulnerabilities:

  1. Insufficient hostname validation vulnerability can be exploited remotely to gain privileges.
  2. Security vulnerability can be exploited to bypass security restrictions.
  3. Improperly constrained session cookies vulnerability can be exploited remotely to gain privileges.
  4. Improper XML Parsing can be exploited remotely to execute arbitrary code.
Пораженные продукты

Zoom for Windows earlier than 5.10.0
Решение

Update to the latest version
Download Zoom
Первичный источник обнаружения
 Zoom Security Bulletin
Оказываемое влияние
?
ACE 
[?]

SB 
[?]

PE 
[?]
Связанные продукты
 Zoom MSI
CVE-IDS
CVE-2022-227875.0Critical
CVE-2022-227865.0Critical
CVE-2022-227855.0Critical
CVE-2022-227845.0Critical
Узнай статистику распространения уязвимостей в твоем регионе
© 2023 AO Kaspersky Lab. All Rights Reserved.
Privacy Policy

Up