Zoom detects vulnerability that allows credential theft

The video conferencing company's application could expose users to attack through links shared during calls

The Windows version of the Zoom video conferencing application contains a vulnerability that exposes users to credential theft through the mechanism it uses to handle links for calls.

Specifically, the vulnerability lies in the application's chat, where users exchange links for calls, and in the way those links are handled.

The chat feature handles Universal Naming Convention (UNC) paths, a common syntax for specifying the location of a network resource such as a shared file, a directory or a printer, and automatically converts URLs into clickable hyperlinks so that users can join a call just by clicking.

Because of this, Zoom is vulnerable to UNC path injection, which lets an attacker craft malicious links, according to security researcher g0dmode, as reported by the Bleeping Computer portal.

An attacker can abuse this technique to capture the credentials of Zoom users who click such a link, obtaining potentially sensitive data such as the username and the corresponding password hash. The password itself can then be recovered from the hash with freely available dehashing tools.

The vulnerability can also be used to launch applications on the device of a user who clicks the link, although in that case Windows security mechanisms first display a prompt asking the user for confirmation.
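As an added illustration of the auto-linking behaviour the article describes (example code, not Zoom's own): a chat renderer that turns only http(s) URLs into clickable links, leaves UNC paths as inert text so a click can never trigger a network connection to a remote share, and reports any UNC paths it finds so they can be logged or alerted on. The regexes and the sample message are constructed for this example.

```python
import html
import re
from typing import List, Tuple

# UNC path forms Windows will resolve when clicked: \\host\share\..., the
# extended-length prefix \\?\UNC\host\share, and the forward-slash variant
# //host/share. The lookbehind excludes the "//" inside "scheme://" URLs.
# Patterns are constructed for this example.
UNC_RE = re.compile(r'(?<![\w\\/:])(?:\\\\|//)[\w.\-?]+[\\/][^\s"<>|]*')
# Only plain http(s) URLs are turned into clickable links.
URL_RE = re.compile(r'\bhttps?://[^\s"<>]+', re.IGNORECASE)

# Constructed sample chat message mixing a legitimate call link and a UNC path.
SAMPLE_MESSAGE = r"Join here: https://zoom.example/j/123 or open \\files.example.test\share\notes.txt"


def find_unc_paths(message: str) -> List[str]:
    """Return every UNC-style network path found in a chat message."""
    return UNC_RE.findall(message)


def linkify(message: str) -> Tuple[str, List[str]]:
    """Render a chat message as HTML, making only http(s) URLs clickable.

    UNC paths are HTML-escaped and left as plain text rather than being
    auto-linked, and the list of UNC paths found is returned to the caller
    for logging or alerting.
    """
    unc_paths = find_unc_paths(message)
    parts = []
    pos = 0
    for m in URL_RE.finditer(message):
        parts.append(html.escape(message[pos:m.start()]))
        url = m.group(0)
        parts.append(f'<a href="{html.escape(url)}">{html.escape(url)}</a>')
        pos = m.end()
    parts.append(html.escape(message[pos:]))
    return "".join(parts), unc_paths


if __name__ == "__main__":
    rendered, flagged = linkify(SAMPLE_MESSAGE)
    print(rendered)
    for path in flagged:
        print("UNC path left unlinked:", path)
```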

K. Tovar

Source: Xakata
