
Multiple Vulnerabilities Spotted In Zoom Video Conferencing App


Neha Baruah
The self-proclaimed queen of words at "Ki Hikila." When she's not busy rearranging the alphabet to create "masterpieces," she's probably on her 17th cup of coffee, pretending that writer's block is a myth. Neha's been telling stories since she could talk (and hasn’t stopped since), and she’s convinced that her wit is sharper than her editing skills. If you're looking for tales sprinkled with sarcasm and a dash of "I could have written that better," Neha's your go-to author.

Researchers from Google Project Zero have discovered numerous vulnerabilities in the Zoom app that could expose users to attacks. Zoom patched the flaws following the bug reports.

Zoom App Vulnerabilities

In a recent advisory, Zoom has mentioned a couple of newly fixed vulnerabilities affecting app users’ privacy. These vulnerabilities first caught the attention of Natalie Silvanovich of Google Project Zero.

The first of these bugs is a high-severity buffer overflow vulnerability (CVE-2021-34423). The bug received a CVSS score of 7.2. It affected Zoom clients for all major operating systems (for both desktops and other devices) and other on-premise apps.

As described in the advisory,

A buffer overflow vulnerability was discovered… This can potentially allow a malicious actor to crash the service or application, or leverage this vulnerability to execute arbitrary code.

The second vulnerability, CVE-2021-34424, was a medium-severity bug that received a CVSS score of 5.3. This vulnerability also affected a range of Zoom clients and on-premise apps. Describing this bug, the advisory reads,

A vulnerability was discovered… which potentially allowed for the exposure of the state of process memory. This issue could be used to potentially gain insight into arbitrary areas of the product’s memory.

Following the researcher's report, Zoom patched both vulnerabilities in its latest releases. Users can check the list of affected products in Zoom's advisory to determine the security status of their apps. Regardless, it is best to update the respective Zoom apps to the latest releases so that they receive all available patches.

Earlier this month, Zoom also fixed numerous bugs in its on-premise apps that risked Meetings’ security.

While users might have to update their apps manually for now, Zoom has also announced a significant change this month. With the latest Zoom clients for Windows and Mac, users can enable automatic updates for the app. Unfortunately, this feature is not yet available to Linux users.

Let us know your thoughts in the comments.
