Zoom Flaw Could Have Allowed Hackers To Crack Meeting Passcodes

2020-07-30 21:40

A security issue in popular video conferencing platform Zoom was disclosed this week, which could have allowed attackers to crack private meeting passcodes and snoop in on video conferences.

The problem, which has already been fixed, stems from Zoom not having any check against repeated incorrect meeting password attempts.

The six-digit, numeric passwords protect Zoom meetings, and were added to meetings by default by Zoom in April as an extra security measure to prevent "Zoom bombers" from freely entering and hijacking meetings.

Anthony said Zoom appears to have mitigated the issue by both requiring a user logs in to join meetings in the web client, and updating default meeting passwords to be non-numeric and longer.

"Upon learning of this issue on April 1st, we immediately took down the Zoom web client to ensure our users' security while we implemented mitigations," a Zoom spokesperson told Threatpost.

News URL

https://threatpost.com/zoom-flaw-could-have-allowed-hackers-to-crack-meeting-passcodes/157883/

#crack #hacker #zoom

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Zoom		54	4	51	80	12	147