The Computer Emergency Response Team (CERT-In) has released notes on vulnerabilities in the video conferencing application, Zoom. The vulnerabilities in Zoom are rated in the medium severity category.
To this end, CERT-In has cautioned that the vulnerabilities can be exploited by a remote attacker to join meetings without appearing to other participants. The vulnerabilities identified by CERT-In could possibly enable attackers to obtain video and audio feed of meetings that they were not authorised to join, and even disrupt targeted meetings.
The vulnerabilities have been found to affect Zoom on-premise meeting connectors and exist due to improper access and control implementation. Additionally, CERT-In has advised Zoom users to update to the latest version of the Zoom app to avoid any likely security issues.