Zoom Screen-Sharing Bug Authorize the Users to Get Access on Restricted Applications!

Zoom Screen-Sharing Bug Authorize the Users to Get Access on Restricted Applications!

Another vulnerability was discovered in Zoom’s screen sharing feature that enables the attackers to leak confidential information while the user is busy on the calls.

This vulnerability is tracked as CVE-2021-28133 and this unpatched vulnerability makes it possible to reveal the application content that has not to be shared briefly and make it very harder to exploit and becoming wild.

How this All Started?

Zoom Screen-Sharing Bug Authorize the Users to Get Access on Restricted Applications!

The Screen Sharing function of Zoom permits the attackers to share the entire desktop or phone screen and also have the capabilities while sharing one-or-more application portion to the others.

However, while sharing the screen any other application overlaps it and leaks the data present in the shared screen for a short period.

According to the security experts, when a user shares the specific screen using the Zoom share screen feature then the other participants will able to see the detailed content available on the shared screen and they can see the data of other screens that haven’t been shared by the user. This is possible because while sharing the screen, the application also displays all the screens available for an instance, and then the other screens are also captured by the other users as they started overlaps the shared screens.

This vulnerability was tested on the version of 5.5.4 and 5.4.3 in both Windows and Linux operating systems. The officials also said they know about this threat and they are executing the security updates from December 2020, but nothing can be fixed in that period. The vulnerability is getting more complicated day by day.

Summering Up

This entire attack has serious consequences that depend on the nature of data leaked and shared by the users. The security experts also said that some other malicious participants take the advantage of this vulnerability and they misuse the confidential information while recording or sharing the screen and view the private information.

The experts also informed Zoom about this serious issue and they are working and finding the appropriate resolutions for the users while protecting their data and privacy.

Leave a Reply