India's cybersecurity agency, Computer Emergency Response Team (CERT-In) identified multiple vulnerabilities in Zoom products, "which could allow a remote authenticated user to bypass implemented security restrictions on the targeted system." To solve the problem, CERT-In recommends updating the Zoom app to the latest version. What is the vulnerability? This vulnerability can allow a "remote hacker" to join a meeting that "they are authorized to join without appearing to the other participants or obtain the audio and video feed of a meeting that they were not authorized to join and cause other meeting disruptions." "These vulnerabilities exist due to improper access control implementation," a CERT-In notification said. It went on to say that "Successful implementation of these vulnerabilities could allow a remote unauthenticated user to bypass implemented security restrictions on the targeted system." The severity of this vulnerability has been rated 'medium' by the CERT-In. Why it matters Video conferencing app Zoom gained popularity during the pandemic as employees used it for work and students used it to attend school. "The pandemic-induced lockdowns resulted in a 70 times increase in the user base for Zoom in the four months to April 2020," Eric S Yuan, CEO of Zoom, said in the context of India. He also said that the "app has over 2,500 schools in India as members." Hence, a security vulnerability in Zoom can have a large-scale impact on the privacy of video meetings held by businesses, students and individuals. In August, Zoom had acknowledged two vulnerabilities that allowed the hackers…
India’s CERT-In Flags Multiple Vulnerabilities in Zoom, Recommends Updating the App
India’s cybersecurity agency CERT-In has reported vulnerabilities and recommends updating the app after similar issues in August
- MediaNama Daily: Fraud vs Fintech March 30, 2023
- RTI: The curious case of ‘no data on insured vehicles’ with India’s Insurance Regulatory Authority March 29, 2023
- Is encryption better than anonymization of data for individual privacy? #NAMA March 29, 2023
- Chhattisgarh’s Online Gambling Law Comes Into Effect: Key Highlights March 29, 2023
- Google loses its appeal against India’s competition regulator’s order in the NCLAT March 29, 2023
MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.
Amazon announced that it will integrate its logistics network and SmartCommerce services with the Open Network for Digital Commerce (ONDC).
India's smartphone operating system BharOS has received much buzz in the media lately, but does it really merit this attention?
After using the Mapples app as his default navigation app for a week, Sarvesh draws a comparison between Google Maps and Mapples
In the case of the ‘deemed consent' provision in the draft data protection law, brevity comes at the cost of clarity and user protection
The regulatory ambivalence around an instrument so essential to facilitate data exchange – the CM framework – is disconcerting for several reasons.
Please subscribe to MediaNama. Don't share prints and PDFs.
You May Also Like
Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...
135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...
Twitter takes down tweets from MP, MLA, editor criticising handling of pandemic upon government request
By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...
Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...