1. SecPod Technologies
  2. KB Articles
  3. How To's

    Fixing Mac ZOOM Client Webcam Hijacking Vulnerability (CVE-2019-13450) using SanerNow

    Follow

    Overview:
    Zoom Client on Mac is vulnerable to drive-by compromise. Zoom client is installed on 4 million Mac computers worldwide. A malicious website can be used to join a user to a zoom call without his permission. The user can also be made a part of a video call forcibly. This vulnerability was reported by a security researcher Jonathan Leitschuh. Considering the fact that zoom has a huge customer base around the world, this is a serious threat to millions of users.

    For more information on the vulnerability, please refer to our blog

     

    CVSS v3.0 Severity and Metrics:
    Base Score: 5.0 MEDIUM

    CVSS v2.0 Severity and Metrics:
    Base Score: 6.5 MEDIUM

     

    Affected software:

    • Zoom Client versions 4.4.53932.0709 and earlier on MacOS.

     

    Solution:

    Use SanerNow platform to apply this critical patch quickly across the organization as shown below.

    NOTE: Apple has also pushed out silent updates to remove the web server. This was particularly helpful for those users who had uninstalled their zoom applications but not the web server.


    SanerNow: Vulnerability detection and patching of Zoom Client:

    1. Login to SanerNow platform

    2. Switch to the account/site specific view and Go to 'VM tool'

    3. If your Zoom client is vulnerable, Saner lists the CVE’s CVE-2019-13450 in 'Top Vulnerabilities' or 'Recently Discovered Vulnerabilities' as shown in the below diagram

    2.png

     

    4. Search for this vulnerability in VM tool. If you are affected, apply the patch through PM -> Missing Patches

    5. Select 'Groups/Devices' in the 'Asset Source' section and click 'Apply'.

    6. Select the 'Zoom client' product from the 'Asset' section as shown in the below diagram.

    3.png

     

    7. Select 'Apply Selected Patches' at the rightmost corner. This will prompt for 'Creating Patching Task'. Fill in 'Task Name' and 'Remediation Schedule' as per your preference and click on 'Apply Selected Patches' as shown below,

    4.png

     

    8. Remediation job will be created, which will fix the vulnerabilities by upgrading Zoom Client to 4.4.53932.0709

    9. Once remediation is done, the Saner agent automatically scans again and upload the result to SanerNow as shown below. The status of the job can be checked in PM > Status.

    5.png

     

    Was this article helpful?
    0 out of 0 found this helpful

    Comments