Zoom for macOS & Windows Contains High-Risk Security Flaws

CVE-2022-36926

Six newly disclosed security vulnerabilities in Zoom software could let an attacker read from and write to the Zoom application data directory, cause a local denial of service, or escalate privileges to root or SYSTEM, according to the company's latest advisories.

Four of them, tracked as CVE-2022-36926, CVE-2022-36927, CVE-2022-36929 and CVE-2022-36930, are rated high severity and described as local privilege escalation issues that could ultimately let a local attacker take control of the affected system.

CVE-2022-36926 and CVE-2022-36927 (CVSS score 8.8) affect Zoom Rooms for macOS clients before version 5.11.3. “A local low-privileged user could exploit this vulnerability to escalate their privileges to root.”

CVE-2022-36929 (CVSS score 7.8) affects Zoom Rooms for Windows clients before version 5.12.7. “A local low-privileged user could exploit this vulnerability in an attack chain to escalate their privileges to the SYSTEM user.”

CVE-2022-36930 (CVSS score 8.2) affects Zoom Rooms for Windows installers before version 5.13.0. “A local low-privileged user could exploit this vulnerability in an attack chain to escalate their privileges to the SYSTEM user.”

Zoom also patched a pair of medium-severity bugs, one in Zoom Rooms for macOS clients and one in Zoom for Android clients. The first, tracked as CVE-2022-36925 (CVSS score 4.4), affects Zoom Rooms for macOS clients before version 5.11.4 and stems from an insecure key generation mechanism. “The encryption key used for IPC between the Zoom Rooms daemon service and the Zoom Rooms client was generated using parameters that could be obtained by a local low-privileged application. That key can then be used to interact with the daemon service to execute privileged functions and cause a local denial of service,” the company said in an advisory.
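To make the IPC weakness concrete, the following is an added Python illustration written for this page; it is not Zoom's code, and the "observable parameters" it uses (hostname, uid, install path) are hypothetical stand-ins, not the parameters Zoom's daemon actually derived its key from. It contrasts a key computed deterministically from locally readable values, which any unprivileged process can recompute and then use to authenticate commands to the daemon, with a key drawn from the OS random source and stored in an owner-only file, which the same attacker cannot reproduce.

```python
import hashlib
import hmac
import json
import os
import secrets
import tempfile

# Constructed example of locally observable inputs (hypothetical names, not the
# parameters Zoom actually used). Any unprivileged process on the host can read
# values like these, so a key derived only from them is effectively public.
OBSERVABLE_PARAMS = {
    "hostname": "rooms-mac-01",
    "uid": 501,
    "app_path": "/Applications/ZoomRooms.app",
}


def weak_ipc_key(params: dict) -> bytes:
    """Weak scheme: the IPC key is a deterministic function of readable parameters."""
    material = json.dumps(params, sort_keys=True).encode()
    return hashlib.sha256(material).digest()


def strong_ipc_key(keyfile: str) -> bytes:
    """Hardened scheme: a random 256-bit key generated once and stored with
    owner-only permissions (0600), created with O_EXCL so an attacker cannot
    pre-plant a file of their choosing at that path."""
    if os.path.exists(keyfile):
        with open(keyfile, "rb") as f:
            return f.read()
    key = secrets.token_bytes(32)
    fd = os.open(keyfile, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "wb") as f:
        f.write(key)
    return key


def sign_request(key: bytes, command: str) -> dict:
    """Client side: authenticate an IPC command with an HMAC under the shared key."""
    tag = hmac.new(key, command.encode(), hashlib.sha256).hexdigest()
    return {"command": command, "tag": tag}


def daemon_accepts(key: bytes, request: dict) -> bool:
    """Daemon side: run the privileged command only if the HMAC verifies."""
    expected = hmac.new(key, request["command"].encode(), hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, request["tag"])


def attacker_succeeds_against_weak() -> bool:
    """A low-privileged attacker reads the same observable values, recomputes
    the key, and gets a privileged command accepted."""
    daemon_key = weak_ipc_key(OBSERVABLE_PARAMS)
    attacker_key = weak_ipc_key(OBSERVABLE_PARAMS)
    return daemon_accepts(daemon_key, sign_request(attacker_key, "restart_service"))


def attacker_succeeds_against_strong() -> bool:
    """Same attacker against the random key: the 0600 file is unreadable to
    them, so the best they can do is derive a guess from public values."""
    keyfile = os.path.join(tempfile.mkdtemp(), "ipc.key")
    daemon_key = strong_ipc_key(keyfile)
    attacker_key = weak_ipc_key(OBSERVABLE_PARAMS)
    return daemon_accepts(daemon_key, sign_request(attacker_key, "restart_service"))


if __name__ == "__main__":
    print("weak scheme, attacker accepted:", attacker_succeeds_against_weak())
    print("strong scheme, attacker accepted:", attacker_succeeds_against_strong())
```

Where the daemon and client run as different users, a shared secret is often the wrong tool in the first place: the daemon can instead check who is on the other end of the local socket (getpeereid on macOS, SO_PEERCRED on Linux) and refuse privileged functions to callers that are not the expected identity.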

The second, CVE-2022-36928 (CVSS score 6.1), is described as a path traversal vulnerability and affects Zoom for Android clients before version 5.13.0. “A third party app could exploit this vulnerability to read and write to the Zoom application data directory.”
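The advisory does not say which input carries the traversal, so the following added Python example (not Zoom's code; the data directory path and file names are constructed) shows the general pattern behind this bug class: a file name supplied by another app is joined onto the application's private data directory, and a `../` segment or an absolute path walks out of the intended subdirectory. The hardened version resolves the final path and refuses anything that does not remain under the base directory.

```python
import os

# Constructed stand-in for an app's private data subdirectory (hypothetical
# path, not Zoom's real layout).
APP_DATA_DIR = "/data/data/com.example.app/files"


def unsafe_data_path(requested: str) -> str:
    """Vulnerable pattern: join the caller-supplied name straight onto the data
    directory. '../' segments walk upward, and os.path.join discards the base
    entirely when the supplied name is absolute."""
    return os.path.normpath(os.path.join(APP_DATA_DIR, requested))


def safe_data_path(requested: str) -> str:
    """Hardened pattern: resolve the final path (collapsing '..' and symlinks)
    and require it to stay inside the data directory. Raises ValueError for
    anything that escapes."""
    base = os.path.realpath(APP_DATA_DIR)
    candidate = os.path.realpath(os.path.join(base, requested))
    # commonpath raises ValueError itself when the two paths share no root,
    # which is also a rejection.
    if os.path.commonpath([base, candidate]) != base:
        raise ValueError(f"path escapes data directory: {requested!r}")
    return candidate


def escapes(requested: str) -> bool:
    """True if safe_data_path() rejects the name."""
    try:
        safe_data_path(requested)
        return False
    except ValueError:
        return True


if __name__ == "__main__":
    # Constructed attacker-controlled names.
    for name in ["logs/today.txt", "../shared_prefs/secret.xml", "/etc/passwd", "a/../../b"]:
        print(f"{name!r}: unsafe -> {unsafe_data_path(name)}, rejected by safe check: {escapes(name)}")
```

The check compares resolved paths rather than looking for the literal string `..`, so encoded or doubled separators that normalise to a traversal are caught too, and a name that uses `..` but stays inside the directory (for example `a/../b.txt`) is still allowed.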

Users are urged to manually check for software updates within the Zoom client and install the patched versions noted above.