This issue is due to a URL parsing weakness that malicious parties could exploit to deliver an exploit to a user through an infected link sent via email or social media. To view this issue on the affected products, go to https://www.zoom.us/ and open a meeting. If a malicious URL link is viewed, the meeting might open with the network address set to https://scam.com/ or https://c.sh/, where the ‘c’ suffix indicates a connection to an external server. If a user clicks on this link, they will be directed to scam.com or c.sh/, where they may be exploited through remote code execution. This issue has been resolved in Zoom 5.11.1, which was released on July 29, 2019. Zoom customers who have installed any version of the Zoom Client for Meetings prior to version 5.11.0 should upgrade to prevent exploitation of these vulnerabilities.

Zoom 5.10.0

Zoom 5.10.0 was released on April 3, 2019, and resolves this issue. Users who have installed any version of the Zoom Client for Meetings prior to version 5.10.0 should upgrade to prevent exploitation of these vulnerabilities.

Zoom 5.11.1 – July 29, 2019

Zoom 5.11.1 resolves this issue by applying a fix for the URL parsing weakness. Zoom 5.11.1 also fixes a security measure to protect against CVE-2019-12859, an information disclosure vulnerability that allows malicious remote code execution when a user clicks on the URL link in a meeting invitation. Zoom 5.11.1 also fixes two other vulnerabilities that allow remote code execution when the system is exploited via CVE-2019-12858, an information disclosure vulnerability, and CVE-2019-12862, an OSI data leak vulnerability.

Vulnerability Details

An issue exists in Zoom 5.11.0 that malicious parties can exploit to deliver an exploit to a user through an infected link sent via email or social media. The issue is due to a URL parsing weakness that allows the meeting link to be opened with the network address set to https://scam.com/ or https://c.sh/, where the ‘c’ suffix indicates a connection to an external server. The attacker needs only one web browser window open on the victim’s computer, and then sends an email with a malicious link containing the URL of their choice. If the victim opens the link, they will be directed to scam.com or c.sh/, where they may be exploited through remote code execution.

CVE-2022-27124

Timeline

Published on: 08/11/2022 15:15:00 UTC
Last modified on: 08/18/2022 18:54:00 UTC