Zoom Fixes Flaw Opening Meetings to Hackers

2020-01-28 11:00

NEW ORLEANS - Enterprise video conferencing firm Zoom has issued a bevy of security fixes after researchers said the company's platform used weak authentication that made it possible for adversaries to join active meetings.

The issue stems from Zoom's conference meetings not requiring a "Meeting password" by default, which is a password assigned to Zoom attendees for what is calls a meeting room.

If meeting creators do not enable a "Meeting password," the only thing securing the meetings are Meeting IDs, which are 9, 10, or 11 digit meeting identifying numbers.

In response, Zoom now has added passwords by default to any scheduled meetings.

Cisco Systems just last week also fixed a high-severity vulnerability in its popular Webex video conferencing platform, which could let strangers barge in on password-protected meetings - no authentication necessary.

News URL

https://threatpost.com/zoom-fixed-flaw-opening-meetings-to-hackers/152266/

#hacker #zoom

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Zoom		56	4	62	56	9	131