Vulnerability in Zoom Video Conferencing for macOS

  • CERT Admin
  • Wed Jul 17 2019
  • Alerts

Systems Affected 

Zoom video conferencing software for macOS

Threat Level

High

Overview 

An Attacker could use this vulnerability to exploit and take control of your Apple's Mac computer.(CVE-2019-13567)

Description 

Cloud based Zoom meeting platform for macOS found vulnerable to severe flaw that could allow remote attackers to execute arbitrary code on a targeted system just by convincing users into visiting an innocent looking web page.

After installing Zoom to your computer it will create a local web server which runs on port 19421. This web server suffers from two issues, firstly, local server insecurely receives commands over HTTP, allowing any websites to interact with it, and secondly, local web server doesn't get uninstalled when users remove the Zoom client from their system which leaving them vulnerable forever.

Impact 

  ✦  Execute arbitrary code
  ✦  Take control of the whole system (Apple computer)
  ✦  Data modifications
  ✦  Install unwanted programs and applications

Solution/ Workarounds 

  ✦  Apple has released a security update which will remove the local web server created by Zoom without any user interaction. 

References 

  ✦  https://nvd.nist.gov/vuln/detail/CVE-2019-13567
  ✦  https://thehackernews.com/2019/07/zoom-video-conferencing-hacking.html

Disclaimer 

The information provided herein is on "as is" basis, without warranty of any kind.
 

Last updated: Wed Jul 17 2019