“Searched flaws are coming in the spotlight”
Are you afraid of your messages getting leaked to somewhere where you don’t want it to be? If yes, then this news will shock you more. Your favorite Zoom Conference isn’t safe anymore. There are many flaws found in Zoom Conferences‘ working manner. What’s that and how have things gone wrong?
The Security Flaws of Zoom have been resolved. What’s good in it is that those could have been exploited to take risks on a user’s chat by sending a single message. The message is the type of a specially customized Extensible Message and Presence Protocol (XMPP) and Malicious Protocol.
Moreover, after tracking the range of risks reached out from CVE-2022-22784 via CVE-2022-22787. Ratings were between 5.9–8.1.
Ivan Fratric from Google | Zoom got Help in Crisis
Who found all the latest flaws? It was a Data Scientist named Ivan Fratric from Google Project Zero. He found the latest four flaws of Zoom Call in February 2022.
The bugs that he found were like this:
|Latest Bugs Found in February
|(CVSS score: 8.1)
|(CVSS score: 5.9)
|(CVSS score: 7.5)
|(CVSS score: 5.9)
|Improper XML praising
|Improperly constrained sessions cookies
|Upgrade package downgrade for Windows
|Insufficient hostname validation during server switch
The Zoom Chat function is built on XMPP. This can cause successful exploitation that could enable an attacker to:
- Force a vulnerable client to masquerade as a Zoom User
- Connect to a malicious server
- Download a rogue update that can cause an Arbitrary Code Execution stemming from a downgrade attack.
According to Ivan Fratrick…..
“It was a Sequence Attack, a case of XMPP Stanza Smuggling. Plus, the attacker could steal the message if it was coming from the side of another user. Also, the Cybercriminal can send a Control Message just like the server would act to it”.
Zoom Conference Issue was:
The issues took advantage of parsing inconsistencies to “smuggle in” from inconsistent XMPP verses that occurred between XML parsers in Zoom’s client and server.
Big Trouble for Zoom Conference App Users
This whole chain can hijack the Software Updating System. Also, it can drive the user to the server that is connected with the attacker which serves an old and uncredible version of the Zoom App.
The downgrade attack singles out the Windows version of the app, CVE-2022-22784/ 85/ 87 that would impact Android/ iOS/ Linux/ macOS/ Windows.
Zoom Conference Issues Resolve
The patches arrive less than a month after Zoom addressed two high-severity flaws.
These could lead to a local privilege escalation and expose the memory contents in its On-Premise Meeting Services. In addition to this, it also fixed another case of a downgrade attack which was CVE-2022-22781 in Zoom’s MacOS App.
|Note: recommendation is to update the version of their Zoom App, so that they wouldn’t cross paths with potential threats arising out of active exploitation flaws.
Well, by this news you might be thinking what kind of things are happening around the world and isn’t anything available online safe for us? Yeah! A lot of people think like that, and we know nothing is purely perfect, everything has certain flaws that will decrease with a certain amount of time.
Anyway, if you want to be an expert in finding flaws like Ivan Fratrick you can learn about it. Moreover, to be a professional, only if you’re keen, you can join a course that will teach you things in a proper manner. One of the best courses you can join is a Web Application Security Course in Delhi.
This course will help you to deal with Web Application Security. The one who’s providing The Best Training in Delhi for this Cyber Security Course after 10th is Craw Security Private Limited. What are you waiting for, Contact Craw Security? Enroll, Now!