India's cybersecurity agency, Computer Emergency Response Team (CERT-In) identified multiple vulnerabilities in Zoom products, "which could allow a remote authenticated user to bypass implemented security restrictions on the targeted system." To solve the problem, CERT-In recommends updating the Zoom app to the latest version. What is the vulnerability? This vulnerability can allow a "remote hacker" to join a meeting that "they are authorized to join without appearing to the other participants or obtain the audio and video feed of a meeting that they were not authorized to join and cause other meeting disruptions." "These vulnerabilities exist due to improper access control implementation," a CERT-In notification said. It went on to say that "Successful implementation of these vulnerabilities could allow a remote unauthenticated user to bypass implemented security restrictions on the targeted system." The severity of this vulnerability has been rated 'medium' by the CERT-In. Why it matters Video conferencing app Zoom gained popularity during the pandemic as employees used it for work and students used it to attend school. "The pandemic-induced lockdowns resulted in a 70 times increase in the user base for Zoom in the four months to April 2020," Eric S Yuan, CEO of Zoom, said in the context of India. He also said that the "app has over 2,500 schools in India as members." Hence, a security vulnerability in Zoom can have a large-scale impact on the privacy of video meetings held by businesses, students and individuals. In August, Zoom had acknowledged two vulnerabilities that allowed the hackers…
