Zoom clients on Windows (before version 4.1.34814.1119), Mac OS (before version 4.1.34801.1116), and Linux (2.4.129780.0915 and below) are vulnerable to unauthorized message processing. A remote unauthenticated attacker can spoof UDP messages from a meeting attendee or Zoom server in order to invoke functionality in the target client. This allows the attacker to remove attendees from meetings, spoof messages from users, or hijack shared screens.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.tenable.com/security/research/tra-2018-40 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: tenable
Published: 2018-11-30T20:00:00Z
Updated: 2024-09-16T21:56:33.284Z
Reserved: 2018-08-22T00:00:00
Link: CVE-2018-15715
Vulnrichment
No data.
NVD
Status : Modified
Published: 2018-11-30T20:29:00.223
Modified: 2019-10-09T23:35:49.423
Link: CVE-2018-15715
Redhat
No data.