Rewterz Threat Advisory – CVE-2023-49647 – Zoom Products Vulnerability

Rewterz Threat Advisory – CVE-2024-0333 – Google Chrome Vulnerability

January 10, 2024

Rewterz Threat Update – Triangulation Spyware Campaign Exploits a Fourth Vulnerability

January 10, 2024

Rewterz Threat Advisory – CVE-2023-49647 – Zoom Products Vulnerability

Severity

High

Analysis Summary

CVE-2023-49647

Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom SDKs for Windows could allow a local authenticated attacker to bypass security restrictions, caused by improper access control. An attacker could exploit this vulnerability to bypass authentication and obtain administrative access.

Impact

Security Bypass

Indicators Of Compromise

CVE

CVE-2023-49647

Affected Vendors

Zoom

Affected Products

Zoom Desktop Client for Windows 5.16.9
Zoom VDI Client for Windows 5.16.9
Zoom SDKs for Windows 5.16.9

Remediation

Refer to Zoom Security Advisory for patch, upgrade or suggested workaround information.

Zoom Security Advisory

Rewterz Threat Advisory – CVE-2024-0333 – Google Chrome Vulnerability

Rewterz Threat Update – Triangulation Spyware Campaign Exploits a Fourth Vulnerability

Rewterz Threat Advisory – CVE-2023-49647 – Zoom Products Vulnerability

Severity

Analysis Summary

Impact

Indicators Of Compromise

CVE

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan