Risk | Medium |
Patch available | YES |
Number of vulnerabilities | 4 |
CVE-ID | CVE-2022-22787 CVE-2022-22786 CVE-2022-22785 CVE-2022-22784 |
CWE-ID | CWE-297 CWE-807 CWE-200 CWE-91 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software |
- Zoom Workplace Desktop App for Windows (Client/Desktop applications / Office applications)
- Zoom Workplace Desktop App for macOS (Client/Desktop applications / Office applications)
- Zoom Workplace Desktop App for Linux (Client/Desktop applications / Office applications)
- Zoom Rooms for Windows (Client/Desktop applications / Office applications)
- Zoom Workplace App for Android (Mobile applications / Apps for mobile phones)
- Zoom Workplace App for iOS (Mobile applications / Apps for mobile phones)
Vendor | Zoom Video Communications, Inc. |
Security Bulletin
This security bulletin contains information about 4 vulnerabilities.
EUVDB-ID: #VU63591
Risk: Medium
CVSSv3.1: 4.9 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-22787
CWE-ID:
CWE-297 - Improper Validation of Certificate with Host Mismatch
Exploit availability: No
Description: The vulnerability allows a remote attacker to perform a MitM attack.
The vulnerability exists because the software fails to properly validate the hostname during a server switch request. A remote attacker can perform a man-in-the-middle (MitM) attack.
Mitigation: Install updates from the vendor's website.
Vulnerable software versions:
Zoom Workplace Desktop App for Windows: 0.9.10042.0911 - 5.5.4 13142.0301
Zoom Workplace App for Android: 4.6.11 20553.0413 - 5.9.6 4756
Zoom Workplace Desktop App for macOS: 4.6.9 19273.0402 - 5.9.6 4993
Zoom Workplace Desktop App for Linux: 5.1.418436.0628 - 5.9.6 2225
Zoom Workplace App for iOS: 4.6.10 20012.0407 - 5.9.6 2729
Vendor advisory: http://explore.zoom.us/en/trust/security/security-bulletin/#ZSB-22009
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How can the attacker exploit this vulnerability?
The attacker would have to trick the victim into visiting a specially crafted website or opening a file.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU63590
Risk: Low
CVSSv3.1: 3.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-22786
CWE-ID:
CWE-807 - Reliance on Untrusted Inputs in a Security Decision
Exploit availability: No
Description: The vulnerability allows a remote attacker to bypass certain security restrictions.
The vulnerability exists due to improper checking of the currently installed software version when performing a software update. A remote attacker can trick the victim into installing an older software version.
Mitigation: Install updates from the vendor's website.
Vulnerable software versions:
Zoom Workplace Desktop App for Windows: 5.0.0 23168.0427 - 5.5.4 13142.0301
Zoom Rooms for Windows: 5.0.0 1420.0426 - 5.9.4 990
Vendor advisory: http://explore.zoom.us/en/trust/security/security-bulletin/#ZSB-22008
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How can the attacker exploit this vulnerability?
The attacker would have to trick the victim into visiting a specially crafted website or opening a file.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU63588
Risk: Low
CVSSv3.1: 3.1 [CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-22785
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
Description: The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists because the Zoom client fails to properly constrain client session cookies to Zoom domains. A remote attacker can force unsuspecting users to send Zoom-scoped session cookies to a non-Zoom domain and then spoof a Zoom user.
Mitigation: Install updates from the vendor's website.
Vulnerable software versions:
Zoom Workplace App for Android: 4.6.11 20553.0413 - 5.9.6 4756
Zoom Workplace Desktop App for macOS: 4.6.9 19273.0402 - 5.9.6 4993
Zoom Workplace Desktop App for Linux: 5.1.418436.0628 - 5.9.6 2225
Zoom Workplace App for iOS: 4.6.10 20012.0407 - 5.9.6 2729
Zoom Workplace Desktop App for Windows: 4.0.35295.0605 - 5.5.4 13142.0301
Vendor advisory: http://explore.zoom.us/en/trust/security/security-bulletin/#ZSB-22007
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
How can the attacker exploit this vulnerability?
The attacker would have to trick the victim into performing certain actions on the device.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU63587
Risk: Medium
CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-22784
CWE-ID:
CWE-91 - XML Injection
Exploit availability: No
Description: The vulnerability allows a remote attacker to perform a spoofing attack.
The vulnerability exists due to improper input validation when processing XML data inside XMPP messages. A remote attacker can send a specially crafted chat message to break out of the current XMPP message context and spoof messages from other application users or from the server.
Mitigation: Install updates from the vendor's website.
Vulnerable software versions:
Zoom Workplace Desktop App for Windows: 4.0.35295.0605 - 5.5.4 13142.0301
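The stanza-breakout pattern behind this CWE-91 entry, as an added illustration that is not Zoom's code and uses a simplified XMPP message stanza: the unsafe builder concatenates the chat text straight into XML, while the hardened builder escapes it, and a parser that counts message elements shows the difference. All names, addresses and the crafted body below are constructed for the example.

```python
from xml.sax.saxutils import escape, quoteattr
import xml.etree.ElementTree as ET

# Constructed sample values for the demonstration (hypothetical addresses).
SENDER = "alice@example.com"
RECIPIENT = "bob@example.com"
# A body that, if treated as markup, closes the current stanza and opens a
# second one carrying a spoofed "from" attribute.
CRAFTED_BODY = ('hi</body></message>'
                '<message from="admin@example.com" type="chat">'
                '<body>please reset your password')


def build_stanza_unsafe(sender, recipient, text):
    # Vulnerable pattern: user-controlled text is concatenated straight into
    # the XML, so any '<' or '>' in it becomes part of the stanza structure.
    return ('<message from="%s" to="%s" type="chat"><body>%s</body></message>'
            % (sender, recipient, text))


def build_stanza_safe(sender, recipient, text):
    # Hardened pattern: escape text content and quote attribute values, so the
    # body remains one text node regardless of the characters it contains.
    return ('<message from=%s to=%s type="chat"><body>%s</body></message>'
            % (quoteattr(sender), quoteattr(recipient), escape(text)))


def parse_messages(stanza_xml):
    # Parse the serialized stanza(s) the way a receiving client would and
    # return (from, body) pairs; more than one pair means the single chat
    # message broke out of its context.
    root = ET.fromstring("<stream>" + stanza_xml + "</stream>")
    return [(m.get("from"), m.findtext("body")) for m in root.iter("message")]


def demo():
    # Returns the parsed view of both builders for the same crafted input.
    unsafe = parse_messages(build_stanza_unsafe(SENDER, RECIPIENT, CRAFTED_BODY))
    safe = parse_messages(build_stanza_safe(SENDER, RECIPIENT, CRAFTED_BODY))
    return unsafe, safe


if __name__ == "__main__":
    unsafe, safe = demo()
    print("unsafe builder produced %d message(s): %r" % (len(unsafe), unsafe))
    print("safe builder produced %d message(s): %r" % (len(safe), safe))
```

The check a defender wants is the last one: the hardened builder yields exactly one message whose body equals the original text, so a spoofed `from` never reaches the parser as an attribute.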
Zoom Workplace Desktop App for Linux: 5.1.418436.0628 - 5.9.6 2225
Zoom Workplace Desktop App for macOS: 4.6.9 19273.0402 - 5.9.6 4993
Zoom Workplace App for Android: 4.6.11 20553.0413 - 5.9.6 4756
Zoom Workplace App for iOS: 4.6.10 20012.0407 - 5.9.6 2729
Vendor advisory: http://explore.zoom.us/en/trust/security/security-bulletin/#ZSB-22006
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
How can the attacker exploit this vulnerability?
The attacker would have to trick the victim into visiting a specially crafted website or opening a file.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.