Rewterz Threat Advisory – CVE-2022-28756 – Zoom Client for Meetings for macOS Vulnerability

Rewterz Threat Advisory – CVE-2022-36010 – Node.js react-editable-json-tree module Vulnerability

August 16, 2022

Rewterz Threat Advisory – Multiple Apache Apache OpenOffice Vulnerabilities

August 16, 2022

Rewterz Threat Advisory – CVE-2022-28756 – Zoom Client for Meetings for macOS Vulnerability

Severity

High

Analysis Summary

CVE-2022-28756

Zoom Client for Meetings for macOS could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in the auto update process. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges to root.

Impact

Privilege Escalation

Indicators Of Compromise

CVE

CVE-2022-28756

Affected Vendors

Zoom

Affected Products

Zoom Client for Meetings for MacOS 5.11
Zoom Client for Meetings for macOS 5.7.3

Remediation

Refer to Zoom Security Advisory for patch, upgrade or suggested workaround information.

Zoom Security Advisory

Rewterz Threat Advisory – CVE-2022-36010 – Node.js react-editable-json-tree module Vulnerability

Rewterz Threat Advisory – Multiple Apache Apache OpenOffice Vulnerabilities

Rewterz Threat Advisory – CVE-2022-28756 – Zoom Client for Meetings for macOS Vulnerability

Severity

Analysis Summary

Impact

Indicators Of Compromise

CVE

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan