Intrusion Prevention

Zoom.Client.Unauthorized.Video.Call.Information.Disclosure

Description

This indicates an attack attempt to exploit an Information Disclosure Vulnerability in Zoom Client.
A remote unauthenticated attacker can exploit this vulnerability by enticing the victim to open a crafted web page. Successful exploitation will force a user to join a video call with the video camera active.

Affected Products

Zoom Client through 4.4.4
RingCentral 7.0.136380.0312

Impact

Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
https://zoom.us/download

CVE References

CVE-2019-13450