Rewterz Threat Alert – SNAKE Ransomware – Active IOCs
November 30, 2021Rewterz Threat Alert – CryptBot Trojan – Active IOCs
November 30, 2021Rewterz Threat Alert – SNAKE Ransomware – Active IOCs
November 30, 2021Rewterz Threat Alert – CryptBot Trojan – Active IOCs
November 30, 2021Severity
Medium
Analysis Summary
CVE-2021-34423
Multiple Zoom products are vulnerable to a buffer overflow, caused by improper bounds checking. By sending a specially-crafted request, a remote attacker could overflow a buffer and execute arbitrary code on the system.
CVE-2021-34424
A buffer overflow vulnerability was discovered in the Zoom products This can potentially allow a malicious actor to crash the service or application, or leverage this vulnerability to execute arbitrary code.
Impact
- Execute arbitrary code
- Obtain information
Affected Vendors
Zoom
Affected Products
- Zoom Client for Meetings (for Android
- iOS
- Linux
- macOS
- and Windows) before version 5.8.4
- Zoom Client for Meetings for Blackberry (for Android and iOS) before version 5.8.1
- Zoom Client for Meetings for intune (for Android and iOS) before version 5.8.4
Remediation
Refer to Zoom advisory for the complete list of affected products and their respective patches.