what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Zoom 5.4.3 (54779.1115) / 5.5.4 (13142.0301) Information Disclosure

Zoom 5.4.3 (54779.1115) / 5.5.4 (13142.0301) Information Disclosure
Posted Mar 22, 2021
Authored by Matthias Deeg, Michael Strametz | Site syss.de

Zoom versions 5.4.3 (54779.1115) and 5.5.4 (13142.0301) temporarily shares other application windows not in scope for sharing.

tags | exploit
systems | windows
advisories | CVE-2021-28133
SHA-256 | 8edd2952731c5406247e59a26f231a47d2274297902c48d382bde6e4e4477b3b

Zoom 5.4.3 (54779.1115) / 5.5.4 (13142.0301) Information Disclosure

Change Mirror Download
Advisory ID: SYSS-2020-044
Product: Zoom
Manufacturer: Zoom Video Communications, Inc.
Affected Version(s): 5.4.3 (54779.1115)
5.5.4 (13142.0301)
Tested Version(s): 5.4.3 (54779.1115)
5.5.4 (13142.0301)
Vulnerability Type: Exposure of Resource to Wrong Sphere (CWE-668)
Risk Level: Medium
Solution Status: Open
Manufacturer Notification: 2020-12-02
Solution Date: -
Public Disclosure: 2021-03-18
CVE Reference: CVE-2021-28133
Authors of Advisory: Michael Strametz, Matthias Deeg



Zoom is a video conferencing and messaging software with support for
many different devices.

Some of the supported features as described by the manufacturer are
(see [1]):

* Unparalleled usability
Enable quick adoption with meeting capabilities that make it easy to
start, join, and collaborate across any device.

* Join anywhere, on any device
Zoom Meetings syncs with your calendar system and delivers streamlined
enterprise-grade video conferencing from desktop and mobile.

* Powerful meeting security
Robust security settings ensure disruption-free meetings. Encryption,
role-based security, Passcode protection, Waiting Rooms and more.

Due to a security issue concerning the "share screen" functionality,
screen contents of applications which are not explicitly shared by the
screen-sharing user can be seen by other meeting participants.


Vulnerability Details:

When a Zoom user shares a specific application window via the "share
screen" functionality, other meeting participants can briefly see
contents of other application windows which were not explicitly shared.

The contents of not shared application windows can, for instance, be seen
for a short period of time by other users when those windows overlay the
shared application window and get into focus.

Depending on the unintentionally shared data, this short exposure of
screen contents may be a more or less severe security issue.

A participant of a Zoom meeting recording a meeting using a screen
recorder software may afterwards have access to sensitive data of
other users which is accessible in a few frames of the recorded video.


Proof of Concept (PoC):

SySS could successfully demonstrate the described attack concerning
screen recordings of Zoom meetings with unintentionally shared screen
contents both using the current Windows and Linux Zoom client software.

In this attack scenario, the two users Alice and Mallory are in the
same Zoom meeting and Alice shares her web browser window via the "share
screen" functionality.

Mallory records her whole desktop screen using a screen recorder
software, for instance SimpleScreenRecorder [3].

Between showing different things in her shared web browser window, Alice
uses another application whose application window happens to overlay
the shared web browser window.

The contents of this other application window, which is explicitly not
shared with Mallory, can sometimes briefly be seen by Mallory.

When watching the created screen recording, Mallory can pause the video
at will and thus see the unintentionally shared application window
contents from Alice.

A SySS proof of concept video illustrating this security issue is
available on our SySS Pentest TV YouTube channel [5].



SySS GmbH is not aware of a fix for the described security issue.
Please contact the software manufacturer for further information.


Disclosure Timeline:

2020-12-02: Vulnerability reported to manufacturer
2020-12-02: Manufacturer acknowledges receipt of security advisory
2020-12-02: Manufacturer asks for more information
2020-12-03: SySS provides more information concerning the security issue
2020-12-03: Manufacturer confirms reproducing the security issue in both
the Windows and the Linux client and asks further questions
2020-12-04: SySS answers open questions
2020-12-04: Manufacturer responds and will look into the reported
security issue
2021-01-21: SySS asks for status update
2021-02-01: SySS asks for status update
2021-03-18: Public release of security advisory



[1] Product Website for Zoom
[2] SySS Security Advisory SYSS-2020-044

[3] SySS GmbH, SySS Responsible Disclosure Policy
[4] GitHub Website of SimpleScreenRecorder
[5] SySS Proof of Concept Video: Zoom Unintended Screen Sharing Issue



This security vulnerability was found by Michael Strametz of SySS Cyber
Security GmbH (Austria) and Matthias Deeg of SySS GmbH.

E-Mail: michael.strametz@syss.de
Public Key:
Key Fingerprint: AD50 E8B8 4E6E 5E00 F45F CE35 744F A11A 2EAC 214D

E-Mail: matthias.deeg (at) syss.de
Public Key:
Key fingerprint = D1F0 A035 F06C E675 CDB9 0514 D9A4 BF6A 34AD 4DAB



The information provided in this security advisory is provided "as is"
and without warranty of any kind. Details of this security advisory may
be updated in order to provide as accurate information as possible. The
latest version of this security advisory is available on the SySS website.



Creative Commons - Attribution (by) - Version 3.0
URL: http://creativecommons.org/licenses/by/3.0/deed.en

Login or Register to add favorites

File Archive:

September 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    23 Files
  • 2
    Sep 2nd
    12 Files
  • 3
    Sep 3rd
    0 Files
  • 4
    Sep 4th
    0 Files
  • 5
    Sep 5th
    10 Files
  • 6
    Sep 6th
    8 Files
  • 7
    Sep 7th
    30 Files
  • 8
    Sep 8th
    14 Files
  • 9
    Sep 9th
    26 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    0 Files
  • 12
    Sep 12th
    5 Files
  • 13
    Sep 13th
    28 Files
  • 14
    Sep 14th
    15 Files
  • 15
    Sep 15th
    17 Files
  • 16
    Sep 16th
    9 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    12 Files
  • 20
    Sep 20th
    15 Files
  • 21
    Sep 21st
    20 Files
  • 22
    Sep 22nd
    13 Files
  • 23
    Sep 23rd
    12 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    30 Files
  • 27
    Sep 27th
    27 Files
  • 28
    Sep 28th
    8 Files
  • 29
    Sep 29th
    14 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By