Two Zero-Day vulnerabilities for Zoom Cloud Meeting's Windows and macOS clients are being sold in the market for around $5,00,000. Here are the details.
Zoom Cloud Meetings is a video conferencing app that recently took off reaching unrivalled heights during the ongoing COVID-19 (coronavirus) pandemic. However, this popularity has brought a number of new security and privacy issues in front of the public. The company has been hard at work trying to fix these flaws and win back the public. However, with each new day, we see the app getting hit by a new issue.
Now, two new zero-day flaws have surfaced according to a report by Motherboard. The first flaw is located inside of the Windows version of the client, whereas, the other flaw has been located inside of the macOS client. The expoilts have already made their way online and are being sold for huge amounts.
The Windows exploit is currently being sold by brokers and is priced at $5,00,000 (approximately Rs 3.83 crore). The report does not state the amount that is being asked for the macOS exploit.
It states that exploit for the Windows client is a Remote Code Execution (RCE), whereas, the one for the macOS client is not RCE, “making it less dangerous and harder to use.” This means that the macOS exploring will not be as valuable. Zero-Day vulnerabilities are vulnerabilities that have never been used.
Also Read: Here's why Apple launched iPhone SE 2020 after four years
An RCE exploit allows hackers to execute code on the target's computer without having to rely on a phishing attack. Using it hackers can gain full access to a user's machine.
“From what I've heard, there are two zero-day exploits in circulation for Zoom. [...] One affects OS X and the other Windows. I don't expect that these will have a particularly long shelf-life because when a zero-day gets used it gets discovered,” Motherboard quoted Adriel Desautels, the founder of Netragard, a company that used to sell and trade zero-days.
Also Read: LG Velvet smartphone announced; discontinues G-series, V-series and more
The report added that Zoom in a reply to their query said that they were not able to find any evidence for the claims made by the publication's sources.
This post was last modified on %s = human-readable time difference 9:06 pm
Microsoft launches its Xbox cloud gaming app on Amazon Fire TV devices with access to…
Realme Narzo N55 new Black colourway revealed, here's how it looks. The company also revealed…
Motorola Moto G Power 5G with MediaTek Dimensity 930 chipset, 6GB RAM and 256GB internal…
OnePlus reportedly will rebrand the Nord CE 3 Lite as the Nord N30 for the…
Apple's upcoming iOS 17 could bring a revamp to its Control Center feature. Details are…
Sony currently working on a new handheld gaming console codenamed PlayStation Q Lite. Launch expected…