New Delhi: The Indian Computer Emergency Response Team (Cert-In) has issued a high-risk warning concerning several vulnerabilities found in Zoom Software.
Cert-In has accessed high risk of data manipulation & service disruption for all end-user organizations and individuals using Zoom applications.
Multiple vulnerabilities have been reported in Zoom products, which could be exploited by an attacker to affect the integrity of the app, gain elevated privileges or cause denial of service condition on the targeted system, Cert-In said.
Zoom Software Affected
Zoom Workplace Desktop App for macOS, Windows, Linux before version 6.4.0
Zoom Workplace VDI Client for Windows before version 6.3.10
Zoom Workplace App for iOS and Android before version 6.4.0
Zoom Rooms Client for Windows, Android, iPad & macOS before version 6.4.0
Zoom Rooms Controller for Windows, macOS , Linux & Android before version 6.4.0
Zoom Meeting SDK for macOS, iOS, Windows, Linux & Android before version 6.4.0
Cert-In said, Multiple vulnerabilities exist in Zoom products due to improper input validation, race conditions and memory corruption issues. Successful exploitation of these vulnerabilities could allow an attacker to affect the integrity of the app, gain elevated privileges or cause denial of service condition on the targeted system
The nodal agency has advised that users should use appropriate updates as mentioned by the vendor.