Security updates: Zoom Room Client & Co. vulnerable
The developers are equipping various Zoom apps against possible attacks. This affects macOS and Windows, among others.
(Image: Tatiana Popova/Shutterstock.com)
Zoom has released patches that close several security vulnerabilities in Meeting SDK, Rooms Client, Rooms Controller, Video SDK, Workplace App and Workplace VDI Client. The secured versions have been released for Android, iOS, Linux, macOS and Windows. So far, there is no evidence of any ongoing attacks.
Install security updates
Admins can find information on the threatened versions and security patches in the articles linked below this report. After successful attacks, attackers can gain higher user rights with network access but without logging in (CVE-2024-45421"high"). Information can also be leaked (CVE-2024-45419"high").
Videos by heise
List sorted by threat level in descending order:
- Zoom Apps - Buffer Overflow
- Zoom Apps - Improper Input Validation
- Zoom Apps for macOS - Uncontrolled Resource Consumption
- Zoom Apps for macOS - Symbolic Link Following
- Zoom Apps - Uncontrolled Resource Consumption
(des)
