Security Advisory

CVE-2020-6109

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-06-08 13:22:31
Last updated 2024-08-04 08:47:41
Assigner talos
State PUBLISHED

Description

An exploitable path traversal vulnerability exists in the Zoom client, version 4.6.10 processes messages including animated GIFs. A specially crafted chat message can cause an arbitrary file write, which could potentially be abused to achieve arbitrary code execution. An attacker needs to send a specially crafted message to a target user or a group to exploit this vulnerability.