Zoom flaw enabled hijacking of accounts with access to meetings, team chat

A Zoom flaw that enabled the hijacking of service accounts with access to potentially confidential information was disclosed by bug hunters this week.
The vulnerability in the Zoom Rooms feature mostly affected Zoom tenants whose accounts used email addresses from large public email providers such as Outlook.com and Gmail.
The flaw was first discovered at an ethical hacking and bug bounty event in June and patched by Zoom prior to its disclosure, with no known exploitation in the wild.
In a blog post, AppOmni security researcher Ciarán Cotter explains how he and his colleagues used the vulnerability to gain access to Zoom Rooms service accounts at the HackerOne H1-4420 event on June 22.
Zoom was a sponsor of the event and awarded bug bounty payouts to participating white-hat hackers.
"This vulnerability had the potential to allow an attacker to claim a Zoom Room's service account and gain access to the victim's organization's tenant," Cotter wrote.
"As a service account, an attacker would have invisible access to confidential information in Team Chat, Whiteboards, and other Zoom applications."
Zoom Rooms is a feature that allows video conferencing between teams in separate physical locations, such as when a company has offices in multiple cities or wants to bring in-person and remote workers into the same meeting.
As opposed to an individual's Zoom account, a Zoom Room service account represents everyone at a particular location, such as a conference room, and attends Zoom meetings through one device at that location.
Finding the service email address of a target Zoom Room was relatively easy: the address is visible to anyone who attends a meeting with the Room or messages the Room in Team Chat.
Once an attacker had hijacked the service account and gained access to the Zoom tenant, they could use it to join or host meetings, view the organization's contacts, and access the organization's Whiteboards and Team Chat channels.
AppOmni also found that the Room account could not be removed from any Team Chat channel by any administrator or by the account Owner.
"Following several conversations with the Zoom team, the vulnerability was validated and promptly remediated," according to Cotter.
"To mitigate this issue, Zoom removed the ability to activate Zoom Room accounts."
A Zoom spokesperson told SC Media, "We have resolved this security issue. As always, we recommend users keep up to date with the latest version of Zoom to take advantage of Zoom's newest features and security updates."
The white-hat hackers who discovered the bug received a $5,000 payout from Zoom's bug bounty program, according to Cotter, who tweeted that Zoom rated the bug's severity as "High" under its own Vulnerability Impact Scoring System (VISS).
Zoom has implemented a range of measures to improve its products' security in the years since the COVID-19 lockdowns rocketed the company into the public spotlight.
At the time, Zoom was heavily criticized for a number of zero-day vulnerabilities and privacy problems that plagued its influx of new users.
As part of its efforts to boost security, it beefed up its bug bounty program and vulnerability disclosure efforts in 2020, working with HackerOne and Bugcrowd to help discover flaws.
Zoom awarded $3.9 million in bounties in fiscal year 2023, and more than $7 million since the program began.


This Cyber News was published on packetstormsecurity.com. Publication date: Fri, 01 Dec 2023 23:06:57 +0000