These security flaws could have let intruders snoop on your Zoom meetings

angry woman on video conferencing call
(Image credit: / Antonio Guillem)

Cybersecurity researchers have helped patch three vulnerabilities in Zoom that could have allowed criminals to intercept data from meetings and attack customer infrastructure.

Flagged by Positive Technologies, the vulnerabilities existed in several critical apps in Zoom’s portfolio of video conferencing apps and tools, including Zoom Meeting Connector Controller, Zoom Virtual Room Connector, Zoom Recording Connector, and others.

“These apps process traffic from all conferences at the company, so when they’re compromised, the biggest danger is, an intruder can perform a Man-in-the-Middle attack and intercept any data from conferences in real time,” says Egor Dimitrenko, the researcher who discovered the flaws.

TechRadar needs yo...

We're looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won't take more than 60 seconds of your time, and we'd hugely appreciate if you'd share your experiences with us.

>> Click here to start the survey in a new window <<

Dimitrenko adds that because the affected apps operate on the outer perimeter of the corporate network, in addition to giving attackers the ability to disrupt an organization’s ability to hold conferences, the flaws could also allow remote intruders to get inside the company’s network. 

Improper delegation

According to Dimitrenko, the three vulnerabilities, tracked as CVE-2021-34414, CVE-2021-34415, and CVE-2021-34416, could have enabled attackers to execute arbitrary code on the server with root-user privileges. 

According to Positive Technologies, exploiting the flaws required an attacker to obtain the login credentials of any user with administrative rights, such as the admin user created in the default application. 

However, Dimitrenko argues that isn’t much of a challenge since Zoom doesn’t adhere to a strict password policy, and doesn’t offer protection against password guessing through the web interface.

“You can often encounter vulnerabilities of this class in apps to which server administration tasks have been delegated. This vulnerability always leads to critical consequences and, in most instances, it results in intruders gaining full control over the corporate network infrastructure,” says Dimitrenko.

The good news however is that all three vulnerabilities have been patched, and users are advised to update without delay.

Protect your network with the help of these best firewall apps and services, and ensure your computers are running these best endpoint protection tools to shield them from cyber-attacks.

Mayank Sharma

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.