FortiClient VulnerabilityZoom Desktop Client CVE-2022-28762 Security Misconfiguration Vulnerability
Description
Zoom Client for Meetings for macOS (Standard and for IT Admin) starting with 5.10.6 and prior to 5.12.0 contains a debugging port misconfiguration. When camera mode rendering context is enabled as part of the Zoom App Layers API by running certain Zoom Apps, a local debugging port is opened by the Zoom client. A local malicious user could use this debugging port to connect to and control the Zoom Apps running in the Zoom client.
Affected Applications
Zoom
CVE References
CVE-2022-28762Other References
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-28762| ID | 73607 |
| Created | Oct 23, 2022 |
| Description Updated |
Dec 13, 2023 |
| Risk |
|
| Coverage | FortiClient |
| OS | MacOS |
| Vendor | Zoom |
| Patch | manual |
| Application | Zoom |