CVE-2019-13450

🗓️ 09 Jul 2019 06:15:10Reported by [email protected]Type

Zoom Client and RingCentral for macOS allow remote attackers to activate the video camera on a user's device and remain vulnerable even after uninstallation

Reporter	Title	Published	Views	Family All 23
ATTACKERKB	Zoom Client Information Disclosure (Webcam) CVE-2019-13450	9 Jul 201900:00	–	attackerkb
CNVD	Zoom Client Information Disclosure Vulnerability	9 Jul 201900:00	–	cnvd
Check Point Advisories	Zoom Client Webcam Hijacking (CVE-2019-13450)	10 Jul 201900:00	–	checkpoint_advisories
CVE	CVE-2019-13450	9 Jul 201905:49	–	cve
Cvelist	CVE-2019-13450	9 Jul 201905:49	–	cvelist
EUVD	EUVD-2019-4923	7 Oct 202500:30	–	euvd
Kaspersky	KLA11799 Security vulnerability in Zoom	14 Jul 201900:00	–	kaspersky
Tenable Nessus	Zoom Client for Meetings 4.x < 4.4.53932.0709 Multiple Vulnerabilities (macOS)	10 Jul 201900:00	–	nessus
Tenable Nessus	Zoom Client for Meetings < 4.4.5 Vulnerability (ZSB-19002)	15 Dec 202200:00	–	nessus
myhack58	Affects more than four million Network Camera: Zoom client there is a 0 day vulnerability could lead to code execution-vulnerability warning-the black bar safety net	13 Jul 201900:00	–	myhack58

NVD

Node

ringcentral ringcentralMatch7.0.136380.0312mac_os_x

zoom zoomRange≤4.4.4mac_os_x

Source	Link
medium	www.medium.com/%40jonathan.leitschuh/zoom-zero-day-4-million-webcams-maybe-an-rce-just-get-them-to-visit-your-website-ac75c83f4ef5
blog	www.blog.zoom.us/wordpress/2019/07/08/response-to-video-on-concern/
bugs	www.bugs.chromium.org/p/chromium/issues/detail
assets	www.assets.zoom.us/docs/pdf/Zoom+Response+Video-On+Vulnerability.pdf
twitter	www.twitter.com/moreati/status/1148548799813640193
twitter	www.twitter.com/zoom_us/status/1148710712241295361
securityfocus	www.securityfocus.com/bid/109082
news	www.news.ycombinator.com/item

21 Nov 2024 04:24Current

7High risk

Vulners AI Score7

CVSS 24.3

CVSS 36.5

EPSS0.01118

CWE-862