Publish date
10 June 2020
Identifier
CVE-2020-9767
Manufacturer
Zoom (https://zoom.us)
Product
Zoom Client for Windows < 5.0.4 where the Zoom Sharing Service is installed
Authors
Connor Scott
Description
The Zoom Sharing Service (CptService.exe) performs insufficient signature checks on dynamically loaded DLLs and EXEs when loading a signed executable. This may be leveraged to escalate a local user's privileges to NT AUTHORITY\SYSTEM.
Mitigation
Update to the latest release of Zoom Meetings for Windows and follow the advice listed by the vendor at https://support.zoom.us/hc/en-us/articles/360044350792
Timelines
10th June 2020 - Advisory Released
25th May 2020 - Issue resolved in release provided by vendor
23rd May 2020 - Patch candidate released
29th April 2020 - Patch feedback provided to vendor
28th April 2020 - Patch candidate released
5th April 2020 - Patch feedback provided to vendor
22nd March 2020 - Patch candidate released
26th February 2020 - Detailed advisory and POC passed to vendor
21st February 2020 - Vendor response and public key
21st February 2020 - Initial contact and request for public key