Rewterz Threat Advisory – Multiple Zoom On-Premise Meeting Connector MMR Vulnerabilities

Rewterz Threat Advisory – CVE-2022-28752 – Zoom Rooms for Conference Room Windows Vulnerability

August 12, 2022

Rewterz Threat Advisory – Zimbra Collaboration And Zimbra Collaboration Suite (ZCS) Vulnerabilities – Exploit in the Wild

August 12, 2022

Rewterz Threat Advisory – Multiple Zoom On-Premise Meeting Connector MMR Vulnerabilities

Severity

High

Analysis Summary

CVE-2022-28754 CVSS:

Zoom On-Premise Meeting Connector MMR could allow a remote authenticated attacker to bypass security restrictions, caused by improper access control. By sending a specially-crafted request, an attacker could exploit this vulnerability to become host in a meeting without appearing to the other participants, and cause other meeting disruptions.

CVE-2022-28753 CVSS:7.1

Impact

Security Bypass

Indicators Of Compromise

CVE

CVE-2022-28754
CVE-2022-28753

Affected Vendors

Zoom

Affected Products

Zoom On-Premise Meeting Connector MMR 4.8

Remediation

Refer to Zoom Security Advisory for patch, upgrade or suggested workaround information.

Zoom Security Advisory

Rewterz Threat Advisory – CVE-2022-28752 – Zoom Rooms for Conference Room Windows Vulnerability

Rewterz Threat Advisory – Zimbra Collaboration And Zimbra Collaboration Suite (ZCS) Vulnerabilities – Exploit in the Wild

Rewterz Threat Advisory – Multiple Zoom On-Premise Meeting Connector MMR Vulnerabilities

Severity

Analysis Summary

Impact

Indicators Of Compromise

CVE

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan