CVE-2024-39825 and CVE-2024-39818: High-Risk Zoom Flaws Require Urgent Updates
Zoom has released a security bulletin addressing several vulnerabilities in its Workplace Apps and Rooms Clients, some of which pose significant security risks to users. Among the most critical are CVE-2024-39825 and CVE-2024-39818, both with a CVSS score of 8.5, indicating a high level of severity. These vulnerabilities could lead to privilege escalation and information disclosure if left unpatched.
Key Vulnerabilities and Their Impact:
- CVE-2024-39825 (CVSS 8.5): A buffer overflow vulnerability could permit an authenticated attacker to escalate their privileges, potentially gaining unauthorized access to sensitive system resources or data.
- CVE-2024-39818 (CVSS 8.5): A protection mechanism failure may lead to information disclosure, potentially exposing confidential information to unauthorized parties.
- Additional Vulnerabilities (CVSS 4.3 – 6.5): The update also addresses several other issues related to sensitive information exposure, buffer overflows, untrusted search paths, and improper privilege management.
Affected Products:
A broad spectrum of Zoom products is impacted, including:
- Zoom Workplace Desktop App (Linux, Windows, macOS)
- Zoom Workplace VDI Client (Windows)
- Zoom Workplace App (iOS, Android)
- Zoom Rooms App (Windows, Mac, iPad)
- Zoom Meeting SDK (Windows, iOS, Android, macOS, Linux)
Recommended Actions:
Users are strongly urged to update their Zoom software to the latest versions immediately. Updating applies the security patches and mitigates the risk of exploitation. In addition, Zoom users should:
- Exercise caution when interacting with links or attachments in emails, even from seemingly trusted sources.
- Refrain from downloading files from unverified websites.
- Maintain up-to-date antivirus and anti-malware software.
Zoom has indicated that it is not aware of any active exploitation of these vulnerabilities at this time. Nevertheless, considering the severity of some of the issues, users are advised to take immediate action to safeguard their systems and data.