Cybersecurity researchers have helped patch three vulnerabilities in Zoom that could have allowed criminals to intercept data from meetings and attack customer infrastructure.
Flagged by Positive Technologies, the vulnerabilities existed in several critical apps in Zoom’s portfolio of video conferencing apps and tools, including Zoom Meeting Connector Controller, Zoom Virtual Room Connector, Zoom Recording Connector, and others.
“These apps process traffic from all conferences at the company, so when they’re compromised, the biggest danger is, an intruder can perform a Man-in-the-Middle attack and intercept any data from conferences in real time,” says Egor Dimitrenko, the researcher who discovered the flaws.
Dimitrenko adds that because the affected apps operate on the outer perimeter of the corporate network, in addition to giving attackers the ability to disrupt an organization’s ability to hold conferences, the flaws could also allow remote intruders to get inside the company’s network.
Improper delegation
According to Dimitrenko, the three vulnerabilities, tracked as CVE-2021-34414, CVE-2021-34415, and CVE-2021-34416, could have enabled attackers to execute arbitrary code on the server with root-user privileges.
According to Positive Technologies, exploiting the flaws required an attacker to obtain the login credentials of any user with administrative rights, such as the admin user created in the default application.
However, Dimitrenko argues that isn’t much of a challenge since Zoom doesn’t adhere to a strict password policy, and doesn’t offer protection against password guessing through the web interface.
“You can often encounter vulnerabilities of this class in apps to which server administration tasks have been delegated. This vulnerability always leads to critical consequences and, in most instances, it results in intruders gaining full control over the corporate network infrastructure,” says Dimitrenko.
The good news however is that all three vulnerabilities have been patched, and users are advised to update without delay.
Protect your network with the help of these best firewall apps and services, and ensure your computers are running these best endpoint protection tools to shield them from cyber-attacks.
