CVE-2022-28762: Zoom for macOS contains a debugging port misconfiguration


zoom CVE-2022-28762

Zoom Client for Meetings for macOS (Standard and for IT Admin) is affected by a debugging port misconfiguration. The issue, tracked as CVE-2022-28762, received a CVSS severity score of 7.3. When the camera mode rendering context is enabled as part of the Zoom App Layers API by running specific Zoom Apps, a local debugging port is opened by the client. A local malicious user can exploit the debugging port to connect to and control the Apps running in the Zoom client.

Read more…