Zoom video conferencing software host sent security crash episodes exposing users of Windows, MacOS, Linux, iOS and Android to malicious criminals.
Errors, discovered and reported by Google Project Zero researcher Natalie Silvanovich, affect the company’s Zoom Client for Meetings across all major forums and may be used for code attacks. Zoom has rated the “high density” of the two worst hazards (CVE-2021-34423) and warned that the problem also affects a variety of sub-river components and SDKs. The distraction is defined as a bath overflow 7.3 CVSS Basic Points.
Zoom also fixed the vulnerability of the second memory (CVE-2021-34424) which allows for the display of process memory status in multiple products and components.
Read More: https://www.securityweek.com/project-zero-flags-high-risk-zoom-security-flaw