Zoom Client RCE Vulnerability: CVE-2020-6110 and CVE-2020-6109
If you're using Zoom - the video conferencing software that has skyrocketed in popularity during the COVID-19 crisis - pay attention. Two Zoom Client vulnerabilities have been discovered that could allow arbitrary code execution; they have been assigned CVE-2020-6110 and CVE-2020-6109. Make sure you are running the latest version of the widely popular video conferencing software on your Windows, macOS, or Linux computers.
CVE-2020-6109 is a Zoom Client Application Vulnerability
⚡ TL;DR: Go Straight to the Zoom Vulnerability Audit Report
Zoom Client version 4.6.10 has an exploitable path traversal vulnerability (CVE-2020-6109). Path traversal is usually thought of as a web issue, where a manipulated URL sent through a browser gives an attacker access to files outside the directory the application intended to expose. In the Zoom Client the trigger is different: a maliciously crafted chat message, sent to the targeted user or group, causes the client to write a file to an attacker-chosen location, and that arbitrary file write can lead to arbitrary code execution.
These chat messages can include animated GIFs. The feature was designed to load GIFs only from Giphy's servers, but the client would load content from an arbitrary server instead, which can be abused to leak even more personal information.
CVE-2020-6110 is a Zoom Client Application Chat Code Snippet RCE Vulnerability
The CVE-2020-6110 vulnerability is closely related to CVE-2020-6109. When Zoom Client version 4.6.10 processes a message containing a shared code snippet, an attacker can send a chat message to the targeted user that plants an arbitrary binary on the system, which can be abused to obtain arbitrary code execution.
A successful attack lets the attacker install programs; view, change, or delete data; or create new accounts with full user rights. The most severe outcome does, however, require interaction from the targeted user.
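Both bugs above come down to the same missing check: the client writes a file whose name was chosen by a remote peer (a cached GIF for CVE-2020-6109, an entry from a shared code-snippet archive for CVE-2020-6110) without confirming that the final path stays inside the intended directory. The following is an added example, not Zoom's code and not part of the Lansweeper report, of the path-containment check a client should apply before any such write. The directory names, file names and archive contents are constructed for the demonstration, and the `safe_join`, `store_remote_file` and `extract_snippet_archive` helpers are this example's own names.

```python
"""Path-containment check for remote-supplied file names (added example)."""
import io
import os
import tempfile
import zipfile
from pathlib import Path


class UnsafePathError(ValueError):
    """A remote-supplied name would resolve outside the intended directory."""


def safe_join(base_dir: str, remote_name: str) -> Path:
    """Return base_dir/remote_name, or raise if the result escapes base_dir.

    The decision is made on the fully resolved path rather than by pattern
    matching on '..', so absolute names, backslash separators and symlinks
    inside base_dir are all handled the same way.
    """
    base = Path(base_dir).resolve()
    # Treat backslashes as separators so 'a\\..\\b' is not one odd file name.
    candidate = (base / remote_name.replace("\\", "/")).resolve()
    try:
        inside = os.path.commonpath([base, candidate]) == str(base)
    except ValueError:  # different drives on Windows: never inside
        inside = False
    if not inside or candidate == base:
        raise UnsafePathError(f"{remote_name!r} escapes {base_dir!r}")
    return candidate


def store_remote_file(cache_dir: str, remote_name: str, data: bytes) -> Path:
    """Write a file received from a peer (e.g. a GIF) into cache_dir safely."""
    target = safe_join(cache_dir, remote_name)
    target.parent.mkdir(parents=True, exist_ok=True)
    target.write_bytes(data)
    return target


def extract_snippet_archive(archive: bytes, dest_dir: str) -> list:
    """Extract a shared code-snippet archive, refusing entries that escape dest_dir.

    Entries are read and written explicitly so that safe_join is the check in
    force, and every name is validated before the first write so a bad entry
    cannot follow good ones to disk.
    """
    with zipfile.ZipFile(io.BytesIO(archive)) as zf:
        members = [m for m in zf.infolist() if not m.is_dir()]
        targets = [safe_join(dest_dir, m.filename) for m in members]
        written = []
        for member, target in zip(members, targets):
            target.parent.mkdir(parents=True, exist_ok=True)
            target.write_bytes(zf.read(member))
            written.append(target)
    return written


def _archive(entries: dict) -> bytes:
    """Build an in-memory zip from {name: content} (constructed test input)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, content in entries.items():
            zf.writestr(name, content)
    return buf.getvalue()


def demo() -> dict:
    """Exercise the checks with constructed benign and malicious names."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        cache = os.path.join(tmp, "gif-cache")
        # A benign GIF name lands inside the cache directory.
        written = store_remote_file(cache, "cat.gif", b"GIF89a")
        results["gif_inside_cache"] = written.parent == Path(cache).resolve()
        # Traversal attempts are rejected before anything touches the disk.
        rejected = 0
        for bad in ("../../planted.gif", "..\\..\\planted.gif", "/tmp/planted.gif"):
            try:
                store_remote_file(cache, bad, b"GIF89a")
            except UnsafePathError:
                rejected += 1
        results["gif_traversals_rejected"] = rejected
        # A well-formed snippet archive extracts; one with a '..' entry does not.
        good = _archive({"snippet/main.py": "print('hello')\n"})
        results["snippet_files_written"] = len(
            extract_snippet_archive(good, os.path.join(tmp, "snippets")))
        bad = _archive({"snippet/main.py": "x = 1\n", "../planted.exe": b"MZ"})
        try:
            extract_snippet_archive(bad, os.path.join(tmp, "snippets2"))
            results["zip_slip"] = "written"
        except UnsafePathError:
            results["zip_slip"] = "rejected"
        results["zip_slip_left_no_files"] = not os.path.exists(
            os.path.join(tmp, "snippets2"))
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The check compares resolved paths instead of scanning for `..`, which is what makes it hold up against absolute names, mixed separators and symlinked cache directories; the archive helper validates every entry name before writing the first file, so a single bad entry cannot be smuggled in behind legitimate ones.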
Run the Zoom Vulnerability Audit
Chances are you rapidly had to deploy Zoom Client installations on your machines because of the COVID-19 crisis and the resulting work from home situation.
It's pretty critical that you update these clients at the earliest opportunity to ensure that you don't fall prey to these vulnerabilities. Zoom over to our report library, where we've issued a dedicated Zoom Vulnerability Audit Report that gives you an instant overview of all affected devices and their patch status.
If you haven't already, start your free Lansweeper trial and get a list of all vulnerable Zoom client versions on your network in no time. We have a lot more tips lined up to secure your remote workforce and be able to remotely manage your IT assets, especially themed around specific COVID-19 cybersecurity threats.