Data Science Team “Tenable Research” Zoom discovers vulnerabilities that can cause conference hijacking
~ Threat actor dominates desktop of attack target and malfunctions that may download / execute malware ~
* This release is the abstract version of the press release released in the United States on November 29, 2018 (US time). Please refer to the following URL for the original text.
“Tenable Network Security” (Tenable, Location: Columbia, Maryland, Amit Yoran (Amit · Yolan)) provides a solution to automatically visualize and improve the vulnerability of various information assets of enterprises without trouble In the formed data science team “Tenable Research”, a remote attacker or illegitimate hijacked the screen control in Zoom’s desktop conference application “CVE-2018-15715”, impersonating a conference attendee through a chat message, attended Announced that it found a serious vulnerability that could kick out people from the conference. This flaw exposes up to 750,000 companies worldwide using Zoom for daily work.
With the wave of digital transformation rushing, the generalization of remote work has progressed further, and conference services like Zoom are seen everywhere. Zoom became a new conference room, organizations are also used in conference handling confidential information, it is now possible to record and store calls on the cloud. An exploit against such vulnerability creates serious reputation risk in organizations that are doing important conversations with Zoom such as executives, conferences where customers participate, future prospect conferences, etc.
A malicious threat actor uses the vulnerability as follows.
1. Screen control hijack: While remote participants screen sharing, bypass screen control permission, fully control the victim’s desktop, and give the attacker the opportunity to download and execute malware.
2. Impersonation Chat Message: Impersonate someone present at the conference and send a chat message.
3. Driving attendees from the conference: Participants other than the organizer will chase out or lock out other attendees.
【Comment of Mr. Renaud Deraison of Tenables Inc. in USA (Co-founder of Tenbru Chief Technology Officer)】
“In order to do business in today’s digital economy, organizations need to incorporate new technologies and services, but new technological investments are at risk from new attacks.The vulnerability is Zoom It is a typical example that a cyber attack surface is caused by a service seemingly seemingly harmless like Tenable research is aimed at discovering vulnerabilities in order to ensure the safety of technologies that consumers and businesses are relying on And working with vendors. ”
Tenables discovered Zoom’s vulnerability according to the standard method outlined in “Information Disclosure Policy on Vulnerability”. This vulnerability affects both Zoom for MacOS and Windows (version 4.1.33259.0925) and Zoom for Ubuntu (version 2.4.129780.0915). Zoom quickly responded and released version 4.1.34814.1119 for Windows and version 4.1.34801.1116 for macOS to fix this vulnerability. Each user urgently confirm that the desktop meeting application is the latest version.
In addition, Tenables announced a plug-in for each organization to conduct vulnerability assessment. For details of the plugin for macOS please click here, for details of the plugin for Windows click here. For details, please refer to Tenables, Research Advisory’s blog post.
【US Tenables Company Profile】
Tenable Network Security transforms its technology to more than 24,000 organizations around the world with a comprehensive security solution to meet future business needs and provides effective measures for protecting information of corporate organizations doing. Tenable which developed Nessus (R) develops the world’s first security platform “Tenable.io (R)” that can manage and protect vulnerabilities of all information assets and devices by further developing vulnerability countermeasure technology . Tenable’s security platform was introduced in 53% of companies selected as “Fortune 500” selected by US business magazine Fortune (the top 500 companies based on gross income) and 29% of 2000 leading companies in the world It is. For details, visit tenable.com
【US Tenables Company Outline】
Company name: Tenable Network Security
Representative: Amit Yoran Amit Yoran
Address: 7021 Columbia,
Gateway Drive Suite 500 Columbia,
【Company Overview of Tenables】
Company name: Tenable Network Security Japan K.K.
Address: 2-3-2 Marunouchi, Chiyoda-ku, Tokyo
Yusen Building 1F