A dll hijacking vulnerability in zoom meeting < 5.1.3
- Windows 7 or less
- Windows Server 2008
- Any other windows system that doesn't have
SHCore.dll
present.
- Copy the
dbghelper.dll
andSHCore.dll
to following locationC:\Users\$user\AppData\Roaming\Zoom\bin\
- Start the zoom application or do any activity like turning on/off camera inside zoom meeting.
Note: You can modify the code of SHCore.dll by opening shcore dll.sln
project in Visual studio.
Reference:
https://blog.0patch.com/2020/07/remote-code-execution-vulnerability-in.html
https://www.programmersought.com/article/85545053408/