CVE-2021-30480 : Zoom Chat through 2021-04-09 on Windows and macOS allows certain remote authenti

Zoom Chat through 2021-04-09 on Windows and macOS allows certain remote authenticated attackers to execute arbitrary code without user interaction. An attacker must be within the same organization, or an external party who has been accepted as a contact. NOTE: this is specific to the Zoom Chat software, which is different from the chat feature of the Zoom Meetings and Zoom Video Webinars software.

Published 2021-04-09 23:15:13

Updated 2021-09-21 17:46:12

Source MITRE

View at NVD, CVE.org

Vulnerability category: Execute code

Products affected by CVE-2021-30480

Zoom » Chat
Versions up to, including, (<=) 2021-04-09
cpe:2.3:a:zoom:chat:*:*:*:*:*:*:*:*
Matching versions
When used together with: Apple » Macos » Version: N/A
When used together with: Microsoft » Windows » Version: N/A

Exploit prediction scoring system (EPSS) score for CVE-2021-30480

EPSS FAQ

13.21%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 94 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2021-30480

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
9.0	HIGH	AV:N/AC:L/Au:S/C:C/I:C/A:C	8.0	10.0	NIST
Access Vector: Network Access Complexity: Low Authentication: Single Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete
8.5	HIGH	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H	1.8	6.0	MITRE
Attack Vector: Network Attack Complexity: High Privileges Required: Low User Interaction: None Scope: Changed Confidentiality: High Integrity: High Availability: High
8.8	HIGH	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H	2.8	5.9	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

References for CVE-2021-30480

https://explore.zoom.us/en/trust/security/security-bulletin/

Security Bulletin - Zoom
Vendor Advisory

CVEs referencing this url
https://twitter.com/thezdi/status/1379855435730149378

Zero Day Initiative on Twitter: "We're still confirming the details of the #Zoom exploit with Daan and Thijs, but here's a better gif of the bug in action. #Pwn2Own #PopCalc https://t.co/nIdTwik9aW" /
Third Party Advisory
https://blog.malwarebytes.com/exploits-and-vulnerabilities/2021/04/zoom-zero-day-discovery-makes-calls-safer-hackers-200000-richer/

Zoom zero-day discovery makes calls safer, hackers $200,000 richer - Malwarebytes Labs | Malwarebytes Labs
Third Party Advisory
https://www.zerodayinitiative.com/advisories/ZDI-21-971/

ZDI-21-971 | Zero Day Initiative
Third Party Advisory;VDB Entry
https://www.securityweek.com/200000-awarded-zero-click-zoom-exploit-pwn2own

$200,000 Awarded for Zero-Click Zoom Exploit at Pwn2Own | SecurityWeek.Com
Press/Media Coverage;Third Party Advisory
https://sector7.computest.nl/post/2021-08-zoom/

Zoom RCE from Pwn2Own 2021 · Sector 7
Exploit;Third Party Advisory
https://zoom.us/feature/messaging

Group Messaging - Zoom
Product;Vendor Advisory
https://twitter.com/thezdi/status/1379859851061395459

Third Party Advisory
https://www.zdnet.com/article/critical-zoom-vulnerability-triggers-remote-code-execution-without-user-input/

Critical Zoom vulnerability triggers remote code execution without user input | ZDNet
Press/Media Coverage;Third Party Advisory

Jump to

Vulnerability Details : CVE-2021-30480

Products affected by CVE-2021-30480

Exploit prediction scoring system (EPSS) score for CVE-2021-30480

CVSS scores for CVE-2021-30480

References for CVE-2021-30480