Multiple vulnerabilities in Zoom Client



Published: 2022-05-24
Risk Medium
Patch available YES
Number of vulnerabilities 4
CVE-ID CVE-2022-22787
CVE-2022-22786
CVE-2022-22785
CVE-2022-22784
CWE-ID CWE-297
CWE-807
CWE-200
CWE-91
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe
Zoom Client for Windows
Client/Desktop applications / Office applications

Zoom Client for macOS
Client/Desktop applications / Office applications

Zoom Client for Linux
Client/Desktop applications / Office applications

Zoom Rooms for Windows
Client/Desktop applications / Office applications

Zoom Client for Android
Mobile applications / Apps for mobile phones

Zoom Client for iOS
Mobile applications / Apps for mobile phones

Vendor Zoom Video Communications, Inc.

Security Bulletin

This security bulletin contains information about 4 vulnerabilities.

1) Improper validation of certificate with host mismatch

EUVDB-ID: #VU63591

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-22787

CWE-ID: CWE-297 - Improper Validation of Certificate with Host Mismatch

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform MitM attack.

The vulnerability exists due to software fails to properly validate the hostname during a server switch request. A remote attacker can perform a man-in-the-middle (MitM) attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Zoom Client for Windows: 0.9.10042.0911 - 5.5.4 13142.0301

Zoom Client for Android: 4.6.11 20553.0413 - 5.9.6 4756

Zoom Client for macOS: 4.6.9 19273.0402 - 5.9.6 4993

Zoom Client for Linux: 5.1.418436.0628 - 5.9.6 2225

Zoom Client for iOS: 4.6.10 20012.0407 - 5.9.6 2729


CPE2.3 External links

http://explore.zoom.us/en/trust/security/security-bulletin/#ZSB-22009

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

2) Reliance on Untrusted Inputs in a Security Decision

EUVDB-ID: #VU63590

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-22786

CWE-ID: CWE-807 - Reliance on Untrusted Inputs in a Security Decision

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass certain security restrictions.

The vulnerability exists due to improper checking of the currently installed software version when performing software update. A remote attacker can trick the victim into installing an older software version.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Zoom Client for Windows: 5.0.0 23168.0427 - 5.5.4 13142.0301

Zoom Rooms for Windows: 5.0.0 1420.0426 - 5.9.4 990


CPE2.3 External links

http://explore.zoom.us/en/trust/security/security-bulletin/#ZSB-22008

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

3) Information disclosure

EUVDB-ID: #VU63588

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-22785

CWE-ID: CWE-200 - Information Exposure

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to Zoom client fails to properly constrain client session cookies to Zoom domains. A remote attacker can force unsuspecting users send Zoom-scoped session cookies to a non-Zoom domain and perform spoofing of a Zoom user.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Zoom Client for Android: 4.6.11 20553.0413 - 5.9.6 4756

Zoom Client for macOS: 4.6.9 19273.0402 - 5.9.6 4993

Zoom Client for Linux: 5.1.418436.0628 - 5.9.6 2225

Zoom Client for iOS: 4.6.10 20012.0407 - 5.9.6 2729

Zoom Client for Windows: 4.0.35295.0605 - 5.5.4 13142.0301


CPE2.3 External links

http://explore.zoom.us/en/trust/security/security-bulletin/#ZSB-22007

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

4) XML injection

EUVDB-ID: #VU63587

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-22784

CWE-ID: CWE-91 - XML Injection

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exists due to improper input validation when processing XML data inside XMPP messages. A remote attacker can send a specially crafted chat message to break out of the current XMPP message context and spoof messages from other application users or from server.


Mitigation

Install updates from vendor's website.

Vulnerable software versions

Zoom Client for Windows: 4.0.35295.0605 - 5.5.4 13142.0301

Zoom Client for Linux: 5.1.418436.0628 - 5.9.6 2225

Zoom Client for macOS: 4.6.9 19273.0402 - 5.9.6 4993

Zoom Client for Android: 4.6.11 20553.0413 - 5.9.6 4756

Zoom Client for iOS: 4.6.10 20012.0407 - 5.9.6 2729


CPE2.3 External links

http://explore.zoom.us/en/trust/security/security-bulletin/#ZSB-22006

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?



###SIDEBAR###