Zoom 클라이언트 및 기타 제품의 버퍼 오버플로우

  • ZSB-21019
  • CVE-2021-34423
  • 높음
  • 7.3
  • CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

이 게시판의 '영향을 받는 제품' 섹션에 나열된 제품에서 버퍼 오버플로우 취약성이 발견되었습니다. 악의적 행위자는 잠재적으로 이 취약성을 악용하여 서비스 또는 애플리케이션 충돌을 일으키거나 임의 코드를 실행할 수 있습니다.

Zoom은 아래 섹션에 나열되어 있는 제품의 최신 릴리스에서 이러한 문제를 해결했습니다. 사용자는 최신 업데이트를 적용하거나 모든 최신 보안 업데이트가 포함된 최신 Zoom 소프트웨어를 다운로드하여 보안을 유지할 수 있습니다.

  • Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.8.4
  • Zoom Client for Meetings for Blackberry (for Android and iOS) before version 5.8.1
  • Zoom Client for Meetings for intune (for Android and iOS) before version 5.8.4
  • Zoom Client for Meetings for Chrome OS before version 5.0.1
  • Zoom Rooms for Conference Room (for Android, AndroidBali, macOS, and Windows) before version 5.8.3
  • Controllers for Zoom Rooms (for Android, iOS, and Windows) before version 5.8.3
  • Zoom VDI Windows Meeting Client before version 5.8.4
  • Zoom VDI Azure Virtual Desktop Plugins (for Windows x86 or x64, IGEL x64, Ubuntu x64, HP ThinPro OS x64) before version 5.8.4.21112
  • Zoom VDI Citrix Plugins (for Windows x86 or x64, Mac Universal Installer & Uninstaller, IGEL x64, eLux RP6 x64, HP ThinPro OS x64, Ubuntu x64, CentOS x 64, Dell ThinOS) before version 5.8.4.21112
  • Zoom VDI VMware Plugins (for Windows x86 or x64, Mac Universal Installer & Uninstaller, IGEL x64, eLux RP6 x64, HP ThinPro OS x64, Ubuntu x64, CentOS x 64, Dell ThinOS) before version 5.8.4.21112
  • Zoom Meeting SDK for Android before version 5.7.6.1922
  • Zoom Meeting SDK for iOS before version 5.7.6.1082
  • Zoom Meeting SDK for macOS before version 5.7.6.1340
  • Zoom Meeting SDK for Windows before version 5.7.6.1081
  • Zoom Video SDK (for Android, iOS, macOS, and Windows) before version 1.1.2
  • Zoom On-Premise Meeting Connector Controller before version 4.8.12.20211115
  • Zoom On-Premise Meeting Connector MMR before version 4.8.12.20211115
  • Zoom On-Premise Recording Connector before version 5.1.0.65.20211116
  • Zoom On-Premise Virtual Room Connector before version 4.4.7266.20211117
  • Zoom On-Premise Virtual Room Connector Load Balancer before version 2.5.5692.20211117
  • Zoom Hybrid Zproxy before version 1.0.1058.20211116
  • Zoom Hybrid MMR before version 4.6.20211116.131_x86-64

Google Project Zero의 Natalie Silvanovich가 보고함

Revision 날짜 설명
1.0 11/24/2021

최초 게시