Vulnerability Spotlight: Two vulnerabilities in Zoom could lead to code execution

Category: IT Technology · Published: 4 years ago

A member of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw.

Cisco Talos recently discovered two vulnerabilities in the popular Zoom video chatting application that could allow a malicious user to execute arbitrary code on victims’ machines. Video conferencing software has skyrocketed in popularity during the COVID-19 pandemic as individuals across the globe are encouraged to work from home and avoid close face-to-face contact with friends and family.

In accordance with our coordinated disclosure policy, Cisco Talos worked with Zoom to ensure that these issues are resolved. TALOS-2020-1056 was fixed in May. Zoom fixed TALOS-2020-1055 server-side in a separate update, though Cisco Talos believes it still requires a fix on the client-side to completely resolve the security risk.

Vulnerability details

Zoom client application chat Giphy arbitrary file write (TALOS-2020-1055/CVE-2020-6109)

An exploitable path traversal vulnerability exists in the way Zoom Client version 4.6.10 processes messages including animated GIFs. A specially crafted chat message can cause an arbitrary file write, which could potentially be further abused to achieve arbitrary code execution. To trigger this vulnerability, an attacker needs to send a specially crafted message to a target user or a group.

Only Giphy servers were originally supposed to be used for this feature in Zoom. However, the content from an arbitrary server would be loaded in this case, which could be abused to further leak information or abuse other vulnerabilities.

Read the complete vulnerability advisory here for additional information.
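The two client-side checks this description points to (only fetch from the intended servers, and never let a sender-controlled name choose where a file lands), as an added example that is not Zoom's or Talos's code. The allowlist entries, the cache directory and the `name` parameter are assumptions made for this sketch.

```python
import os
from urllib.parse import urlsplit

# Assumed values for this sketch; not taken from the Zoom client.
ALLOWED_HOSTS = {"giphy.com", "media.giphy.com"}
CACHE_DIR = "/var/cache/chatclient/gifs"


def host_allowed(url):
    """Accept only https URLs whose host is exactly an allowlisted name."""
    try:
        parts = urlsplit(url)
        host = (parts.hostname or "").lower()
    except ValueError:  # malformed authority, e.g. a broken IPv6 literal
        return False
    # Exact match: "giphy.com.evil.example" and "giphy.com@evil.example"
    # both resolve to a different hostname and are rejected.
    return parts.scheme == "https" and host in ALLOWED_HOSTS


def cache_path(name, cache_dir=CACHE_DIR):
    """Map a sender-supplied name to a file inside cache_dir, or raise."""
    if not name or name in {".", ".."}:
        raise ValueError("empty or dot-only name")
    # Reject both separator styles, drive/stream colons and NUL up front.
    if any(c in name for c in "/\\:\0"):
        raise ValueError("path separator in name")
    base = os.path.realpath(cache_dir)
    candidate = os.path.realpath(os.path.join(base, name + ".gif"))
    # commonpath rather than startswith: a sibling such as "<base>_evil"
    # shares a string prefix with base but is not inside it.
    if os.path.commonpath([base, candidate]) != base:
        raise ValueError("resolved path escapes cache directory")
    return candidate


def accept_gif(url, name, cache_dir=CACHE_DIR):
    """Return the confined destination path, or None if rejected."""
    if not host_allowed(url):
        return None
    try:
        return cache_path(name, cache_dir)
    except ValueError:
        return None
```
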

Zoom client application chat code snippet remote code execution vulnerability (TALOS-2020-1056/CVE-2020-6110)

An exploitable partial path traversal vulnerability exists in the way Zoom Client version 4.6.10 processes messages including shared code snippets. A specially crafted chat message can cause an arbitrary binary planting which could be abused to achieve arbitrary code execution. An attacker needs to send a specially crafted message to a target user or a group to trigger this vulnerability. For the most severe effect, target user interaction is required.

Read the complete vulnerability advisory here for additional information.

Versions tested

Talos tested and confirmed that this vulnerability affects version 4.6.10 of the Zoom client application.

Coverage

The following SNORTⓇ rules will detect exploitation attempts. Note that additional rules may be released at a future date and current rules are subject to change pending additional vulnerability information. For the most current rule information, please refer to your Firepower Management Center or Snort.org.

Snort Rules: 45892 - 45895, 53686

