Vulnerability in Zoom Application (version 4.6.10)

The impact of this issue announcement is medium. Please act accordingly to rectify the issue, as stated below.

Products affected:

What you need to know:

Researchers from Cisco Talos disclosed two critical flaws in the Zoom software that could have allowed attackers to hack into the systems via chat.

Actions to be taken:

Update Zoom application to the latest version (version 4.6.12).

What is the impact of not doing the actions?

“This allows a potential attacker without user interaction to plant arbitrary binaries on target’s computer via automatically extracted zip files. Additionally, a partial path traversal issue allows the specially crafted zip file to write files outside the intended randomly generated directory.”

Phone: +44(0)203 657 0707

Email: [email protected]

We protect. You Achieve.

Secon Cyber is a leading cyber security company that provides a wide range of cyber security services and technologies to a substantial and diversified client base that includes corporations, financial institutions and governments. Founded in 1999, the firm is headquartered in the UK.

Get in Touch

Phone: +44(0)203 657 0707

Email: [email protected]

Vulnerability in Zoom Application (version 4.6.10)

Products affected:

What you need to know:

Actions to be taken:

What is the impact of not doing the actions?

FatPipe Releases Bulletin for its Actively Exploited VPN Zero Day

Google Ships Chrome Update to Address Multiple Security Bugs

Zoom Fixes High Risk Vulnerabilities in Meeting Connector

AMD Announces Security Fixes for 50 EPYC Flaws

We protect. You Achieve.

Get in Touch

Subscribe for our updates