{"id":1347,"date":"2021-03-19T15:39:02","date_gmt":"2021-03-19T10:09:02","guid":{"rendered":"https:\/\/xiarch.com\/blog\/?p=1347"},"modified":"2021-06-07T11:11:43","modified_gmt":"2021-06-07T05:41:43","slug":"zoom-screen-sharing-bug-authorize-the-users-to-get-access-on-restricted-applications","status":"publish","type":"post","link":"https:\/\/xiarch.com\/blog\/zoom-screen-sharing-bug-authorize-the-users-to-get-access-on-restricted-applications\/","title":{"rendered":"Zoom Screen-Sharing Bug Authorize the Users to Get Access on Restricted Applications!"},"content":{"rendered":"\n

Another vulnerability was discovered in Zoom\u2019s screen sharing feature that enables the attackers to leak confidential information while the user is busy on the calls.<\/p><\/p>\n\n\n\n

This vulnerability is tracked as CVE-2021-28133 and this unpatched vulnerability makes it possible to reveal the application content that has not to be shared briefly and make it very harder to exploit and becoming wild.<\/p><\/p>\n\n\n\n

How this All Started?<\/strong><\/h2>\n\n\n\n
\"Zoom<\/figure><\/div>\n\n\n\n

The Screen Sharing function of Zoom permits the attackers to share the entire desktop or phone screen and also have the capabilities while sharing one-or-more application portion to the others.<\/p><\/p>\n\n\n\n

However, while sharing the screen any other application overlaps it and leaks the data present in the shared screen for a short period.<\/p><\/p>\n\n\n\n

According to the security experts, when a user shares the specific screen using the Zoom share screen feature then the other participants will able to see the detailed content available on the shared screen and they can see the data of other screens that haven\u2019t been shared by the user. This is possible because while sharing the screen, the application also displays all the screens available for an instance, and then the other screens are also captured by the other users as they started overlaps the shared screens.<\/p><\/p>\n\n\n\n