Rewterz Threat Advisory – Multiple Zoom Products Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2023-39202 CVSS:3.1

Zoom Rooms Client for Windows and Zoom VDI Client are vulnerable to a denial of service, caused by untrusted search path. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service.

CVE-2023-39203 CVSS:4.3

Zoom Desktop Client for Windows and Zoom VDI Client are vulnerable to a denial of service, caused by uncontrolled resource consumption. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service.

CVE-2023-39204 CVSS:5.3

Zoom clients are vulnerable to a denial of service, caused by a buffer overflow flaw. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service.

CVE-2023-39205 CVSS:4.3

Zoom clients are vulnerable to a denial of service, caused by improper conditions check. By sending a specially crafted request, a remote authenticated attacker could exploit this vulnerability to cause a denial of service.

CVE-2023-39206 CVSS:3.7

Zoom clients are vulnerable to a denial of service, caused by a buffer overflow flaw. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service.

CVE-2023-39199 CVSS:4.9

Zoom clients could allow a remote authenticated attacker to obtain sensitive information, caused by cryptographic issues with In-Meeting Chat. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information.

CVE-2023-43588 CVSS:3.5

Zoom clients could allow a remote authenticated attacker to obtain sensitive information, caused by insufficient control flow management. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information.

CVE-2023-43590 CVSS:7.8

Zoom Rooms for macOS could allow a local authenticated attacker to gain elevated privileges on the system, caused by link following. By sending a specially crafted request, an attacker could exploit this vulnerability to escalate privileges.

CVE-2023-43591 CVSS:7.8

Zoom Rooms for macOS could allow a local authenticated attacker to gain elevated privileges on the system, caused by improper privilege management. By sending a specially crafted request, an attacker could exploit this vulnerability to escalate privileges.

CVE-2023-43582 CVSS:5.5

Zoom clients could allow a remote authenticated attacker to gain elevated privileges on the system, caused by improper authorization. By sending a specially crafted request, an attacker could exploit this vulnerability to escalate privileges.

Impact

• Denial of Service
• Privileges Escalation
• Information Disclosure

Indicators Of Compromise

CVE

• CVE-2023-39202
• CVE-2023-39203
• CVE-2023-39204
• CVE-2023-39205
• CVE-2023-39206
• CVE-2023-39199
• CVE-2023-43588
• CVE-2023-43590
• CVE-2023-43591
• CVE-2023-43582

Affected Vendors

Zoom

Affected Products

• Zoom Desktop Client for Windows
• Zoom Desktop Client for macOS
• Zoom Mobile App for iOS
• Zoom Mobile App for Android
• Zoom Desktop Client for Linux
• Zoom Rooms Client for Windows
• Zoom Rooms Client for macOS
• Zoom Rooms Client for Android
• Zoom Rooms Client for iPad
• Zoom VDI Client
• Zoom Meeting SDK for Windows
• Zoom Meeting SDK for iOS
• Zoom Meeting SDK for Android
• Zoom Meeting SDK for macOS
• Zoom Meeting SDK for Linux
• Zoom Room for macOS
• Zoom Room for Windows
• Zoom Rooms for macOS 5.14.9

Remediation

Refer to Zoom Security Advisory for patch, upgrade or suggested workaround information.

Zoom Security Advisory