Security News > 2020 > June > Two Critical Flaws in Zoom Could've Let Attackers Hack Systems via Chat

Two Critical Flaws in Zoom Could've Let Attackers Hack Systems via Chat
2020-06-03 08:53

Cybersecurity researchers from Cisco Talos unveiled today that it discovered two critical vulnerabilities in the Zoom software that could have allowed attackers to hack into the systems of group chat participants or an individual recipient remotely.

According to the researchers, successful exploitation of both flaws requires no or very little interaction from targeted chat participants and can be executed just by sending specially crafted messages through the chat feature to an individual or a group.

The second remote code execution vulnerability resided in the way vulnerable versions of the Zoom application process code snippets shared through the chat.

Cisco Talos researchers tested both flaws on version 4.6.10 of the Zoom client application and responsibly reported it to the company.

Released just last month, Zoom patched both critical vulnerabilities with the release of version 4.6.12 of its video conferencing software for Windows, macOS, or Linux computers.


News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/qgszbhEPRd0/zoom-video-software-hacking.html

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Zoom 54 4 51 80 12 147