#VU63592 Information disclosure in Zoom Workplace Desktop App for Windows and Zoom Workplace Desktop App for macOS - CVE-2022-22779

Cybersecurity Help s.r.o.

Published: 2022-05-24

Vulnerability identifier: #VU63592

Vulnerability risk: Low

CVSSv4.0: 0.6 [CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-22779

CWE-ID: CWE-200

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Zoom Workplace Desktop App for Windows
Client/Desktop applications / Office applications
Zoom Workplace Desktop App for macOS
Client/Desktop applications / Office applications

Vendor: Zoom Video Communications, Inc.

Description

The vulnerability allows a remote user to gain access to potentially sensitive information.

The vulnerability exists due to the Keybase clients for macOS and Windows does not properly remove exploded messages initiated by a user. This can occur if the receiving user switches to a non-chat feature and places the host in a sleep state before the sending user explodes the messages. This could lead to disclosure of sensitive information which was meant to be deleted from a user’s filesystem.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Zoom Workplace Desktop App for Windows: 5.0.0 23168.0427 - 5.8.7 2058

Zoom Workplace Desktop App for macOS: 5.0.0 23186.0427 - 5.8.6 2879

External links
https://explore.zoom.us/en/trust/security/security-bulletin/#ZSB-22001

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Information disclosure in Zoom client