Remote conferencing services provider Zoom patched a vulnerability that could have allowed an attacker to find and join active meetings.
Check Point explained that the issue stemmed from the way in which Zoom secured certain meetings:
If you use Zoom, you may already know that Zoom Meeting IDs are composed of 9, 10 or 11 digits. The problem was that if you hadn’t enabled the “Require meeting password” option or enabled Waiting Room, which allows manual admission of participants, these 9, 10 or 11 digits were the only thing that secured your meeting, i.e., prevented an unauthorized person from connecting to it.
Researchers at the security firm generated a list of potentially valid meeting IDs and prepared a URL for joining each one. A “div” element contained in the HTML body of the response returned when accessing that URL then served as the indicator of whether a given meeting ID was legitimate.
By automating this approach, Check Point succeeded in predicting about four percent of the randomly generated meeting IDs. These results constituted a much higher success rate than what they could have achieved using manual brute force attacks, the researchers noted.
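A defender-side illustration, added here and not part of Check Point's research or Zoom's own code: automated ID enumeration of the kind described above stands out in join logs because a single source probes many distinct meeting IDs within a short window. The log format, field names and source addresses are assumptions, and the log lines are constructed.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample join-attempt log lines in a hypothetical format
# (not Zoom's real logs). One source walks through consecutive IDs.
SAMPLE_LOG = """\
2019-07-22T10:00:01Z 203.0.113.7 join meeting_id=123456789 result=invalid
2019-07-22T10:00:02Z 203.0.113.7 join meeting_id=123456790 result=invalid
2019-07-22T10:00:03Z 203.0.113.7 join meeting_id=123456791 result=invalid
2019-07-22T10:00:04Z 203.0.113.7 join meeting_id=123456792 result=invalid
2019-07-22T10:00:05Z 203.0.113.7 join meeting_id=123456793 result=valid
2019-07-22T10:00:06Z 198.51.100.9 join meeting_id=987654321 result=valid
2019-07-22T10:00:07Z 198.51.100.9 join meeting_id=987654321 result=invalid
2019-07-22T10:30:00Z 203.0.113.7 join meeting_id=555555555 result=invalid
"""

# Meeting IDs are 9, 10 or 11 digits, as the article states.
LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<ip>\S+) join meeting_id=(?P<mid>\d{9,11}) result=(?P<result>\w+)$"
)

def parse(log_text):
    """Yield (timestamp, ip, meeting_id, result) for each well-formed line."""
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m:
            ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ")
            yield ts, m["ip"], m["mid"], m["result"]

def find_enumerators(log_text, window=timedelta(minutes=5), threshold=4):
    """Return {ip: count} for sources that tried at least `threshold` distinct
    meeting IDs inside any sliding window of length `window`. All results are
    counted, not only invalid ones, because an enumerator occasionally hits a
    real meeting, which is exactly the outcome worth catching."""
    per_ip = defaultdict(list)
    for ts, ip, mid, _result in parse(log_text):
        per_ip[ip].append((ts, mid))
    flagged = {}
    for ip, events in per_ip.items():
        events.sort()
        best, start = 0, 0
        for end in range(len(events)):
            # Slide the window start forward until it spans at most `window`.
            while events[end][0] - events[start][0] > window:
                start += 1
            best = max(best, len({mid for _, mid in events[start:end + 1]}))
        if best >= threshold:
            flagged[ip] = best
    return flagged
```

Against the constructed log, only 203.0.113.7 is flagged: it probed five distinct IDs in four seconds, while its later single attempt falls outside the window.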
On July 22, 2019, Check Point notified Zoom about the vulnerability in the spirit of responsible disclosure. The remote conferencing services provider responded by re-implementing the meeting ID generation algorithm, instituting a cryptographically strong randomization function and increasing the number of characters in a meeting ID. It also forced users to begin using passwords/PINs/SSO for authorization purposes.
This is a Security Bloggers Network syndicated blog from The State of Security authored by David Bisson. Read the original post at: https://www.tripwire.com/state-of-security/security-data-protection/zoom-bug-potentially-allowed-attackers-to-find-and-join-active-meetings/