Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Informations
Name CVE-2019-13567 First vendor Publication 2019-07-12
Vendor Cve Last vendor Modification 2020-08-24

Security-Database Scoring CVSS v3

Cvss vector : CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Overall CVSS Score 8.8
Base Score 8.8 Environmental Score 8.8
impact SubScore 5.9 Temporal Score 8.8
Exploitabality Sub Score 2.8
 
Attack Vector Network Attack Complexity Low
Privileges Required None User Interaction Required
Scope Unchanged Confidentiality Impact High
Integrity Impact High Availability Impact High
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:P/I:P/A:P)
Cvss Base Score 6.8 Attack Range Network
Cvss Impact Score 6.4 Attack Complexity Medium
Cvss Expoit Score 8.6 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

The Zoom Client before 4.4.53932.0709 on macOS allows remote code execution, a different vulnerability than CVE-2019-13450. If the ZoomOpener daemon (aka the hidden web server) is running, but the Zoom Client is not installed or can't be opened, an attacker can remotely execute code with a maliciously crafted launch URL. NOTE: ZoomOpener is removed by the Apple Malware Removal Tool (MRT) if this tool is enabled and has the 2019-07-10 MRTConfigData.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13567

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-78 Improper Sanitization of Special Elements used in an OS Command ('OS Command Injection') (CWE/SANS Top 25)

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 8

Snort® IPS/IDS

Date Description
2020-09-09 ZoomOpener remote code execution attempt
RuleID : 54728 - Revision : 1 - Type : SERVER-WEBAPP
2020-09-09 ZoomOpener remote code execution attempt
RuleID : 54727 - Revision : 1 - Type : SERVER-WEBAPP
2020-09-02 Zoom Client ZoomOpener remote code execution attempt
RuleID : 54637 - Revision : 1 - Type : SERVER-WEBAPP
2020-09-02 Zoom Client ZoomOpener remote code execution attempt
RuleID : 54636 - Revision : 1 - Type : SERVER-WEBAPP

Sources (Detail)

Source Url
MISC https://gist.github.com/wbowling/13f9f90365c171806b9ffba2c841026b
https://support.zoom.us/hc/en-us/articles/201361963-New-Updates-for-Mac-OS
https://twitter.com/JLLeitschuh/status/1149420685405708295
https://twitter.com/JLLeitschuh/status/1149422543658520578
https://twitter.com/riskybusiness/status/1149125147019767814
https://twitter.com/wcbowling/status/1149457231504498689
https://twitter.com/wcbowling/status/1166998107667619841

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
Date Informations
2023-04-04 01:45:57
  • Multiple Updates
2023-03-29 01:55:37
  • Multiple Updates
2022-08-19 01:44:34
  • Multiple Updates
2021-05-15 01:30:11
  • Multiple Updates
2021-05-04 13:28:32
  • Multiple Updates
2021-04-22 02:42:50
  • Multiple Updates
2020-09-09 21:22:58
  • Multiple Updates
2020-09-03 01:25:24
  • Multiple Updates
2020-09-02 21:23:05
  • Multiple Updates
2020-05-23 02:22:41
  • Multiple Updates
2019-08-30 21:19:38
  • Multiple Updates
2019-07-31 17:19:12
  • Multiple Updates
2019-07-30 21:19:18
  • Multiple Updates
2019-07-13 05:19:08
  • Multiple Updates
2019-07-12 17:18:48
  • Multiple Updates
2019-07-12 09:18:23
  • First insertion