Fwd: [CIVN-2020-0276] Remote Code Execution Vulnerability in Zoom Video Conferencing Application

Severity Rating: High

Systems Affected

Zoom's Windows client version prior to version 5.1.3 (28656.0709)

Overview

A vulnerability has been reported in the Zoom video conferencing

application running on Windows 7 and earlier Windows versions which could

allow a remote attacker to execute arbitrary code on the targeted system.

Description

This vulnerability exists in the Zoom video conferencing application

running on Windows 7 and earlier versions of Windows. A remote attacker

could exploit this vulnerability by enticing the user to execute a

specially crafted file.

Successful exploitation of this vulnerability could allow the attacker to

execute arbitrary code on the target system.

Solution

Apply appropriate security updates as mentioned in the following link:

https://support.zoom.us/hc/en-us/articles/201361953

Vendor:

Zoom

https://support.zoom.us/hc/en-us/articles/201361953

References

Zoom

https://support.zoom.us/hc/en-us/articles/201361953

OPatch Blog

https://blog.0patch.com/2020/07/remote-code-execution-vulnerability-in.html

Threatpost

https://threatpost.com/unpatched-zoom-bug-rce/157317/

The Hacker News

https://thehackernews.com/2020/07/zoom-windows-security.html

About Cert Advisory

We have created this blog to provide latest security advisory from the india cert for the security vulnerability, threats, attacks and patching required to mitigate any kind of cyber attacks.

Fwd: [CIVN-2020-0276] Remote Code Execution Vulnerability in Zoom Video Conferencing Application

About Cert Advisory

Related Posts

Popular Posts

Facebook

Blog Archive