CVE-2022-28762
Debugging port misconfiguration in Zoom Apps in the Zoom Client for Meetings for macOS
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Zoom Client for Meetings for macOS (Standard and for IT Admin) starting with 5.10.6 and prior to 5.12.0 contains a debugging port misconfiguration. When camera mode rendering context is enabled as part of the Zoom App Layers API by running certain Zoom Apps, a local debugging port is opened by the Zoom client. A local malicious user could use this debugging port to connect to and control the Zoom Apps running in the Zoom client.
Zoom Client for Meetings para macOS (Standard y para IT Admin) a partir de la versión 5.10.6 y anteriores a 5.12.0, contiene una configuración errónea del puerto de depuración. Cuando es habilitado el contexto de renderización en modo cámara como parte de la API de Zoom App Layers al ejecutar determinadas aplicaciones de Zoom, el cliente de Zoom abre un puerto de depuración local. Un usuario local malicioso podría usar este puerto de depuración para conectarse y controlar las aplicaciones de Zoom que son ejecutadas en el cliente de Zoom
CVSS Scores
SSVC
- Decision:-
Timeline
- 2022-04-06 CVE Reserved
- 2022-10-14 CVE Published
- 2024-05-03 EPSS Updated
- 2024-09-17 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-16: Configuration
CAPEC
References (1)
URL | Tag | Source |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://explore.zoom.us/en/trust/security/security-bulletin | 2022-10-17 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Zoom Search vendor "Zoom" | Meetings Search vendor "Zoom" for product "Meetings" | >= 5.10.6 < 5.12.0 Search vendor "Zoom" for product "Meetings" and version " >= 5.10.6 < 5.12.0" | macos |
Affected
|