The Nigerian Communications Commission’s Computer Security Incident Response Team (NCC-CSIRT) has advised Zoom users to install the latest update of the software from the company’s official website following ”the discovery of vulnerabilities that allow a remote attacker to exploit the app”.
NCC-CSIRT, the Nigerian telecom sector’s cyber security centre, said this in a statement released on Thursday.
The statement, signed by Reuben Muoka, NCC-CSIRT’s director of public affairs, revealed that the Indian Computer Emergency Response Team (CERT-In) discovered bugs in the Zoom software.
The NCC-CSIRT advisory stated that the glitches found could allow hackers to bypass safety systems.
According to the NCC-CSIRT, a remote attacker could exploit the vulnerabilities to circumvent implemented security measures and cause a denial of service on the targeted machine.
”These vulnerabilities exist owing to incorrect access control implementation in Zoom On-Premises Meeting Connector MMR prior to version 4.8.20220815.130,” NCC-CSIRT’s advisory said.
“Remote attackers could manoeuvre the flaws to join meetings unauthorised, be invisible to other attendees, illegitimately access audio and video feeds from meetings, and interrupt meeting sessions.”
The NCC-CIRST advisory pointed out that the weak spot could allow unaccredited users to evade the platform’s security measures on specific structures.
Zoom’s video telephony platform became popular with over 300 million daily users for virtual meetings during the COVID-19 pandemic.
Be the first to receive special investigative reports and features in your inbox.