Zoom Patches Multiple Vulnerabilities – GovInfoSecurity.com

Application Security , Governance & Risk Management , Incident & Breach Response

Flaws Enable Attackers To Intercept Data, Attack Customer Infrastructure

Zoom Patches Multiple Vulnerabilities

Cloud video conferencing provider Zoom has released patches for multiple vulnerabilities in its product that could have allowed criminals to intercept data from meetings and attack customer infrastructure.

See Also: Live Webinar | Enforcing Least Privilege Access in AWS Cloud Infrastructure with CIEM

The now patched vulnerabilities could have enabled attackers to obtain server access with maximum privileges and navigate further on the company’s network, as well as compromise the Zoom software’s functionality—making it impossible for victims to hold conferences.

Critical Vulnerabilities

In a Thursday security bulletin, Zoom released multiple patches for its product. The most serious, rated as high with a CVSS Score: 7.9, was the network proxy page on the web portal for products such as Zoom On-Premise Meeting Connector Controller, Zoom On-Premise Meeting Connector MMR, Zoom On-Premise Recording Connector, Zoom On-Premise Virtual Room Connector and Zoom On-Premise Virtual Room Connector Load Balancer.

The vulnerability tracked as CVE-2021-34417 fails to validate input sent in requests to set the network proxy password, which could lead to a remote command injection by a web portal administrator.

The second vulnerability tracked as CVE-2021-34422 is rated high with a CVSS score of 7.2 and affects Keybase Client for Windows that contains a path traversal vulnerability when checking the name of a file uploaded to a team folder.

“A malicious user could upload a file to a shared folder with a specially crafted file name which could allow a user to execute an application which was not intended on their host machine. If a malicious user leveraged this issue with the public folder sharing feature of the Keybase client, this could lead to remote code execution,” Zoom states.

Lower-Rated Vulnerabilities

Another significant patch issued was for Zoom Windows installation executable signature bypass, which is rated as medium and has a CVSS score of 4.7.

The vulnerability tracked as CVE-2021-34420 affects all Zoom Client for Meetings for Windows before version 5.5.4.

“The Zoom Client for Meetings for Windows installer does not verify the signature of files with .msi, .ps1, and .bat extensions, which could lead to a threat actor installing malicious software on a victim’s computer,” Zoom notes.

The other patch issued by Zoom addresses a vulnerability in the Pre-auth Null pointer crash in the on-premise web console, which is tracked as CVE-2021-34418 and is rated medium with a CVSS score of 4.0.

“The login service of the web console for the products Zoom On-Premise Meeting Connector Controller, Zoom On-Premise Meeting Connector MMR, Zoom On-Premise Recording Connector, Zoom On-Premise Virtual Room Connector and Zoom On-Premise Virtual Room Connector Load Balancer, fails to validate that a NULL byte was sent while authenticating, which could lead to a crash of the login service,” Zoom notes.

The vulnerability tracked as CVE-2021-34419, with a CVSS score 3.7 affects Zoom Client for Meetings for Ubuntu Linux before version 5.1.0.

“There is an HTML injection flaw when sending a remote control request to a user in the process of in-meeting screen sharing. This could allow meeting participants to be targeted for social engineering attacks,” Zoom notes.

One of the lowest rated vulnerabilities patched, tracked as CVE-2021-34421, had a CVSS score of 3.7 and affects Keybase clients for Android and iOS. The vulnerability affects Android before version 5.8.0 and iOS before version 5.8.0.

The Keybase Client for Android and iOS fails to remove exploded messages initiated by a user if the receiving user places the chat session in the background while the sending user explodes the messages, which could lead to disclosure of sensitive information which was meant to be deleted from the customer’s device.

Other Findings

Positive Technologies says it has identified several critical vulnerabilities (now patched) in Zoom’s local solutions for conferences, negotiations and recordings—Zoom Meeting Connector Controller, Zoom Virtual Room Connector, Zoom Recording Connector and others.

The errors were identified by Egor Dimitrenko, a researcher at Positive Technologies, who says that the vulnerabilities made it possible for attackers to enter commands to execute an attack and thereby obtain server access with maximum privileges.

“The users of the software in question, distributed under the on-premise model, are generally large companies that deploy these solutions in their networks to prevent data leaks,” the researchers note. “The malicious injections were possible thanks to the CVE-2021-34414 vulnerability (which has a CVSS score of 7.2). The issue has been reported in Zoom on-premise apps such as Meeting Connector Controller up to version 4.6, Meeting Connector MMR up to version 4.6, Recording Connector up to version 3.8, Virtual Room Connector up to version 4.4, and Virtual Room Connector Load Balancer prior to version 2.5.”

Another vulnerability found by the researchers at Positive Technologies is tracked by CVE-2021-34415, with a CVSS 3.0 score of 7.5, which could lead to a system crash. The error was reported by another Positive Technologies researcher, Nikita Abramov, in the Zoom On-Premise Meeting Connector Controller app, and the problem was rectified in version 4.6.

Upon exploiting this vulnerability, an attacker could compromise the software’s functionality, making it impossible for the affected organization to hold Zoom conferences.

Dimitrenko says the main reason why such vulnerabilities arise is a lack of sufficient verification of user data.

“You can often encounter vulnerabilities of this class in apps to which server administration tasks have been delegated. This vulnerability always leads to critical consequences and, in most instances, it results in intruders gaining full control over the corporate network infrastructure,” Dimitrenko notes.

Source of this news: https://www.govinfosecurity.com/zoom-patches-multiple-vulnerabilities-a-17906

Related posts:

Hiltzik: The threat of ransomware - Los Angeles Times
Fran Finnegan was on vacation in New York just before the Fourth of July weekend when he received a disturbing text message from one of his customers: How come his website was down?Finnegan quickly s...
How To Change Language On Netflix - Tech News Today
Were you about to watch your favorite show on Netflix, but your entire account is in another language? Or, is the audio and subtitles setting also in a different language?  Well, it’s very easy ...
A database of global coastal conditions | Scientific Data - Nature.com
1.Horning, N., Robinson, J. A., Sterling, E. J., Turner, W. & Spector, S. Remote sensing for ecology and conservation. Techniques in Ecology & Conservation Series (Oxford University Press, 20...
Netflix Intensifies Crackdown On VPN Users - Gentside
Thanks to licensing and as a consequence copyright restrictions in for each country, Netflix may have different shows and films on offer. But, many of us have been sneakily getting around thi...
Progress Announces Support for HTTP/2 in Fiddler Everywhere 3.0 - The Bakersfield Californian
Developers can now easily debug apps through HTTP/2 traffic connection and boost app performanceBEDFORD, Mass., Dec. 16, 2021 (GLOBE NEWSWIRE) -- Progress  (NASDAQ: PRGS), the l...
Apple’s Moves to Tighten Flow of User Data Leave Advertisers Anxious - The Wall Street Journal
Digital advertisers are studying new Apple Inc. measures that they fear will limit access to data about users, changes industry participants see as an escalation of the tech giant’s crackdown in the ...
What is SSH Agent Forwarding and How Do You Use It? - How-To Geek
Funtap / Shutterstock SSH agent forwarding allows you to use your private, local SSH key remotely without worrying about leaving confidential data on the server you’re working with. It’s built into ...
Functions Checkit to see if your system is considered Windows 11 compatible among the WindowsReport....
courtesy of Vlad Turiceanu Editor-in-Chief Passionate about technology, Windows, yet everything that has a power button, he spent most of it's time developing new skills as learning ...
Erik Prince: Q&A - Asia Times
Blackwater founder and former CEO Erik Prince recently spoke to Asia Times for a two-part, in-depth story: Part 1 can be read here; Part 2 can be read here. However, for the full convenience of read...
Best Album of 2021 So Far Poll - Billboard
Billboard picked 50 of the best albums of 2021 (so far), but we want to know: Which is your No. 1 choice?Aly & AJ released their first album in 14 years, Touch of the Beat Gets You Up o...
TrickBot Malware Abusing MikroTik Routers as Proxies for Command-and-Control - The Hacker News
Microsoft on Wednesday detailed a previously undiscovered technique put to use by the TrickBot malware that involves using compromised Internet of Things (IoT) devices as a go-between for establishin...
Amazon Prime Blocking Vpn: How To Fix Http Proxy Error - Analytics Insight
what to do when Amazon Prime is giving an HTTP Proxy Error? Check out solutions hereAre you still unable to access American Amazon Prime from Australia even after changing your IP address using a VPN...
Telegram found itself at the heart of any Ukraine war. How do you in order to and is it safe? import...
I would say the messaging tool Telegram is actually one of the apps at the heart to the war in Ukraine. Just days soon after Russia invaded, Ukrainian us president Volodymyr Zelenskyy sent a ph...
Microsoft-Signed Rootkit Targets Gaming Regions in China - Briwn Reading
Study have identified a rootkit with a valid digital well-known from Microsoft being being purchased within gaming environments as China. One of the rootkit, called FiveSys, is being used to re...
How to use NGINX as a reverse proxy for Apache - TechRepublic
Jack Wallen walks you through the process of setting up NGINX such that it will direct incoming port 80 traffic to Apache, listening on port 8080. NGINX is an incredibly fast web server. Apache is ...
Frequent API RoundUp: Amazon Giving away Partner, Datachip COVID-19 Shot Status, Findl - Programmabl...
Day-after-day, the ProgrammableWeb team typically is busy, updating its 3 or more primary directories for APIs , happy clientele (language-specific the library or SDKs for using or providing ...
Solution: Cannot add PPA: "This PPA does not support focal" in Linux Mint 20 - Linux News - BollyIns...
If you are adding PPA repo in Linux mint 20.02 and getting an error Cannot add PPA: ”This PPA does not support focal”. Then follow the simple command given in the article that will solve this error.I...
Trial Orders UK ISP TalkTalk to Block More Piracy Web - ISPreview. co. england
Budget broadband ISP TalkTalk has this week revised their list of blocked world wide web (i. e. those explore they’ve been told to sign up by the UK High Court) to include a number of new on...

IP Rotating Proxy Onsale

SPECIAL LIMITED TIME OFFER

00
Months
00
Days
00
Hours
00
Minutes
00
Seconds
First month free with coupon code FREE30