You can now find Cyber Kendra on Google News | Telegram

Security Flaws Found In Zoom Screen Sharing Feature

Vulnerability Found In Zoom Screen Sharing Feature


Security researchers Michael Strametz and Matthias Deeg of SySS have discovered a vulnerability (CVE-2021-28133) in the Zoom screen sharing feature that could allow confidential user information to be shared with other call participants.

The detected problem allows to identify the content of applications that are not shared, but only for a short time, making it difficult to exploit the vulnerability in real attacks. Zoom's screen sharing feature allows users to share an entire desktop or phone screen, or restrict sharing to one or more specific apps or part of the screen. The problem arises because a second application running on top of an already shared application can reveal its contents within a short period of time.

"When a Zoom user grants access to a specific application window using the screen share function, other participants in the meeting may briefly see the contents of other application windows," the researchers noted.

Experts spotted an issue in Zoom 5.4.3 and 5.5.4 for Windows and Linux and reported their findings to the company on December 2, 2020. Three months have passed since then, but the company has not released a fix for this vulnerability. Presumably, this may be due to the complexity of its operation in real attacks.

Post a Comment

Cookie Consent
We serve cookies on this site to analyze traffic, remember your preferences, and optimize your experience.
Oops!
It seems there is something wrong with your internet connection. Please connect to the internet and start browsing again.
AdBlock Detected!
We have detected that you are using adblocking plugin in your browser.
The revenue we earn by the advertisements is used to manage this website, we request you to whitelist our website in your adblocking plugin.
Site is Blocked
Sorry! This site is not available in your country.