The Computer Security Incident Response Team of the Nigerian Communications Commission (NCC-CSIRT) has advised users of the video telephony platform Zoom to install the latest version of the software, which can be obtained from the app’s publisher, following the discovery of vulnerabilities that remote attackers can exploit.
The Indian Computer Emergency Response Team (CERT-In) found a number of security holes in the Zoom product. The NCC-CSIRT released an advisory about this on Wednesday. In the wake of the COVID-19 Pandemic, the videotelephony platform gained popularity as a means for conducting virtual meetings, and it now has more than 300 million daily users.
“A remote attacker could use the flaws to get around security measures that have been set up and cause a denial of service on the targeted machine,” the NCC-CSIRT advisory says.
It was pointed out that “These vulnerabilities exist as a result of incorrect access control implementation in Zoom On-Premises Meeting Connector MMR prior to version 4.8.20220815.130,” which was stated in the report. By taking advantage of these vulnerabilities, a remote attacker could sneak into a meeting they were not invited to attend without raising suspicion among the other participants. In addition, they can access the audio and video feeds of meetings they were not allowed to attend and interrupt other sessions.
Read also: An Advocacy Group Criticizes Zoom’s Proposed Emotion AI
Suppose these vulnerabilities are used in a way that works. In that case, it may be possible for a remote user who is not authorised to access the system to get around the security measures that have been put in place.
What is the National Communications Commission saying on this?
The National Communications Commission (NCC) established the Computer Security Incident Response Team (CSIRT) as the telecom industry’s cyber security incident center so that it could concentrate on incidents that occurred in the telecom industry and how those incidents may have affected telecom customers and citizens in general.
The Computer Security Incident Response Team (CSIRT) also works in conjunction with the Nigeria Computer Emergency Response Team (ngCERT), which the Federal Government established in order to reduce the number of future computer-related incidents. This is done by getting Nigeria’s cyberspace ready, protecting it, and making it safe so that attacks, problems, and other similar things don’t happen.
Read also: Google Hangouts, set for delisting come November 2022
About Zoom
Zoom Video Communications, Inc. is a communications technology company that was founded in the United States and had its headquarters in San Jose, California. It offers video telephony. through a cloud-based peer-to-peer software platform that is used for video communications (Meetings), messaging (Chat), voice calls (Phone), conference rooms for video meetings (Rooms), virtual events (Events), and contact centers (Contact Center). Additionally, it provides an open platform that allows third-party developers to build custom applications on its unified communications platform (Developer Platform).
