#VU73695 Man-in-the-Middle (MitM) attack in Zoom Video Communications, Inc. products - CVE-2023-22885

 


Published: March 15, 2023


Vulnerability identifier: #VU73695
Vulnerability risk: Medium
CVSSv4.0: CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2023-22885
CWE-ID: CWE-300
Exploitation vector: Adjacent network
Exploit availability: No public exploit available
Vulnerable software:
Zoom Workplace Desktop App for Windows
Zoom Workplace Desktop App for macOS
Zoom Workplace Desktop App for Linux
Zoom Rooms Client for Windows
Zoom Rooms Client for macOS
Zoom Workplace App for Android
Zoom Workplace App for iOS
Virtual Desktop Infrastructure (VDI)
Software vendor:
Zoom Video Communications, Inc.

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to the way the Zoom client handles SMB shares. If a victim saves a local recording to an SMB location and later opens it using a link from Zoom’s web portal, an attacker positioned on a network adjacent to the victim client could set up a malicious SMB server to respond to client requests, causing the client to execute attacker-controlled executables.


Remediation

Install updates from the vendor's website.
