Zoom Room Vulnerability Unveiled: Attackers Could Hijack Meetings and Access Sensitive Data

by | Dec 1, 2023 | News


Researchers at AppOmni have uncovered a critical vulnerability in Zoom Rooms that poses a serious security threat. Discovered during the HackerOne live hacking event H1-4420, the vulnerability allows threat actors to take over Zoom Room service accounts and gain access to the victim organization’s tenant.

Zoom Rooms, an integral part of the Zoom video conferencing platform, is designed to enhance collaboration in physical meeting spaces like conference rooms. However, the identified flaw could potentially compromise the integrity of meetings and expose sensitive data.

The vulnerability, discovered in June 2023, enables an attacker to predict service account email addresses and take control of the accounts. This could lead to unauthorized access to Team Chat, Whiteboards, and other Zoom applications, potentially exposing confidential information.

Zoom swiftly addressed the issue, clarifying that the vulnerability had no impact on production tenants. Even so, the potential consequences of this flaw were significant, because the email addresses assigned to Zoom Room service accounts followed a predictable format that attackers could exploit.

The email address of a Zoom Room service account follows a specific format: rooms_<account ID>@companydomain.com. The account ID is derived from the user ID value of the service account. Because both parts are guessable, this predictable pattern opens the door for threat actors to manipulate and potentially take over Zoom Room accounts.

The researchers highlighted an interesting aspect related to the Team Chat feature. Despite security measures, Zoom Rooms users were found to be able to access the contents of any channel, including confidential information, while remaining invisible within the channel.

Even administrators were unable to remove these users, showing how service accounts could be misused for unauthorized access.

The findings underscore the challenges of securing the many components that make up SaaS systems. Zoom has addressed the vulnerability, but the incident emphasizes the ongoing need for robust security practices in collaboration platforms.

Source: securityaffairs.com