Vulnerability in Zoom Application (version 4.6.10)

The impact of this issue announcement is medium. Please act accordingly to rectify the issue, as stated below.

Products affected:

Zoom

What you need to know:

Researchers from Cisco Talos disclosed two critical flaws in the Zoom software that could have allowed attackers to hack into the systems via chat.

Actions to be taken:

Update Zoom application to the latest version (version 4.6.12).

What is the impact of not doing the actions?

“This allows a potential attacker without user interaction to plant arbitrary binaries on target’s computer via automatically extracted zip files. Additionally, a partial path traversal issue allows the specially crafted zip file to write files outside the intended randomly generated directory.”

Phone: +44(0)203 657 0707

Email: hello@seconcyber.com

We protect. You Achieve.

Secon Cyber is a leading cyber security company that provides a wide range of cyber security services and technologies to a substantial and diversified client base that includes corporations, financial institutions and governments. Founded in 1999, the firm is headquartered in the UK.

Get in Touch

Phone: +44(0)203 657 0707

Email: hello@seconcyber.com

Vulnerability in Zoom Application (version 4.6.10)

Products affected:

What you need to know:

Actions to be taken:

What is the impact of not doing the actions?

VMware vCenter Server Updates Address Remote Code Execution in vSphere Client

SHAREit Patches Security Vulnerabilities

SonicWall Announces Additional SMA100 Vulnerability Update

Secon Cyber extends server patching support to private and public organisations

We protect. You Achieve.

Get in Touch

Subscribe for our updates