Rewterz Threat Advisory – Multiple Zoom Vulnerabilities

June 15, 2023

Severity

Medium

Analysis Summary

CVE-2023-28598 CVSS:7.5

Zoom for Linux clients is vulnerable to a denial of service, caused by an HTML injection vulnerability. By persuading a victim to start a chat with a malicious user, a remote attacker could exploit this vulnerability to cause a Zoom application crash.

CVE-2023-28599 CVSS:3.5

Zoom clients is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.

CVE-2023-28600 CVSS:5.2

Zoom for MacOSclients could allow a local attacker to bypass security restrictions, caused by an improper access control vulnerability. By sending a specially crafted request, an attacker could exploit this vulnerability to delete/replace Zoom Client files potentially causing a loss of integrity and availability to the Zoom Client.

CVE-2023-28601 CVSS:8.3

Zoom for Windows clients could allow a remote attacker to bypass security restrictions, caused by an improper restriction of operations within the bounds of a memory buffer vulnerability. By sending a specially crafted request, an attacker could exploit this vulnerability to alter protected Zoom Client memory buffer potentially causing integrity issues within the Zoom Client.

CVE-2023-28602 CVSS:2.8

Zoom for Windows clients is vulnerable to a denial of service, caused by an improper verification of cryptographic signature vulnerability. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to downgrade Zoom Client components to previous versions.

CVE-2023-28603 CVSS:7.7

Zoom VDI client installer could allow a local authenticated attacker to bypass security restrictions, caused by an improper access control vulnerability. By sending a specially crafted request, an attacker could exploit this vulnerability to delete local files without proper permissions.

CVE-2023-34122 CVSS:7.3

Zoom for Windows could allow a local authenticated attacker to gain elevated privileges on the system, caused by improper input validation. By sending a specially crafted request, an attacker could exploit this vulnerability to escalate privileges.

CVE-2023-34121 CVSS:4.1

Zoom for Windows, Zoom Rooms, Zoom VDI Windows Meeting clients could allow a remote authenticated attacker to gain elevated privileges on the system, caused by improper input validation. By sending a specially crafted request, an attacker could exploit this vulnerability to escalate privileges.

CVE-2023-34120 CVSS:8.7

Zoom for Windows, Zoom Rooms for Windows, and Zoom VDI for Windows clients could allow a local authenticated attacker to gain elevated privileges on the system, caused by improper privilege management. By sending a specially crafted request, an attacker could exploit this vulnerability to escalate privileges.

CVE-2023-34115 CVSS:4

Zoom Meeting SDK is vulnerable to a denial of service, caused by buffer copy without checking size of input. By sending a specially crafted request, a local attacker could exploit this vulnerability to cause a denial of service.

CVE-2023-34114 CVSS:6.5

Zoom for Windows and Zoom for MacOS clients could allow a remote attacker to obtain sensitive information, caused by exposure of resource to wrong sphere. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information.

CVE-2023-34113 CVSS:8

Zoom for Windows clients could allow a remote authenticated attacker to gain elevated privileges on the system, caused by insufficient verification of data authenticity. By sending a specially crafted request, an attacker could exploit this vulnerability to escalate privileges.