Natalie Silvanovich

**Name of the Vulnerable Software and Affected Versions** Software (affected versions not specified) **Description** The issue is related to an out-of-bounds write in memory initialization in libsavsvc.so. This allows local attackers to write out-of-bounds memory. The problem is present prior to the SMR May-2025 Release 1. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Software (affected versions not specified) **Description** The issue is related to an out-of-bounds write in parsing media files. This allows local attackers to write out-of-bounds memory. The problem is associated with the libsavsvc.so component prior to the SMR May-2025 Release 1. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Software (affected versions not specified) **Description** The issue allows physical attackers to temporarily access the recent app list through an authentication bypass using an alternate path in Dex Mode. This is possible prior to the SMR Dec-2024 Release 1. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ThemeCenter versions prior to SMR Dec-2024 Release 1 **Description** The issue allows physical attackers to copy apk files to an arbitrary path with ThemeCenter privilege. This is due to a path traversal vulnerability in ThemeCenter. **Recommendations** For versions prior to SMR Dec-2024 Release 1, update to SMR Dec-2024 Release 1 or later to resolve the issue. As a temporary workaround, consider restricting access to the ThemeCenter privilege to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** libswmfextractor.so versions prior to SMR Dec-2024 Release 1 **Description** The issue is an out-of-bounds write in libswmfextractor.so, allowing local attackers to execute arbitrary code. This enables attackers to potentially gain control over the system. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited. **Recommendations** For versions prior to SMR Dec-2024 Release 1, update to SMR Dec-2024 Release 1 or later to resolve the issue. As a temporary workaround, consider restricting access to the libswmfextractor.so library until a patch is available.

The vulnerable software is Samsung's Monkey's Audio (APE) decoder, used in Samsung smartphones running Android versions 12, 13, and 14. The vulnerability is a high-severity out-of-bounds write flaw that allows remote attackers to execute arbitrary code on the device without any user interaction. This is a zero-click vulnerability, meaning that attackers can exploit it without the user having to click on anything. The vulnerability is exploited through a specially crafted audio file sent via Google Messages on RCS-enabled devices, such as the Galaxy S23 and S24. A proof-of-concept (PoC) for the vulnerability has been released, and Samsung has issued a security update to patch the flaw. Users are advised to update their devices to the latest software version, SMR Dec-2024 Release 1, to fix the vulnerability. It is estimated that millions of devices are at risk due to this vulnerability. The vulnerable versions are prior to SMR Dec-2024 Release 1. #Samsung #Android #MonkeyAudio #GoogleProjectZero #Cybersecurity #ZeroClickVulnerability #RCS #GalaxyS23 #GalaxyS24

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 115.0.5790.170 **Description** The issue is related to a use after free in WebRTC, allowing a remote attacker to potentially exploit heap corruption via a crafted WebRTC session. This could lead to arbitrary code execution or denial of service. **Recommendations** For versions prior to 115.0.5790.170, update to version 115.0.5790.170 or later to resolve the issue. As a temporary workaround, consider disabling WebRTC functionality until a patch is available. Restrict access to WebRTC sessions to minimize the risk of exploitation. Avoid using crafted WebRTC sessions until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 16 macOS versions prior to Ventura 13 **Description** A memory corruption issue was addressed with improved state management. This issue may allow an app to cause a denial-of-service. **Recommendations** For iOS versions prior to 16, update to iOS 16 to resolve the issue. For macOS versions prior to Ventura 13, update to macOS Ventura 13 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Apple tvOS versions prior to 16 Apple iOS versions prior to 16 Apple watchOS versions prior to 9 **Description** The issue allows an app to potentially execute arbitrary code with kernel privileges due to insufficient checks. **Recommendations** For Apple tvOS versions prior to 16, update to tvOS 16 to resolve the issue. For Apple iOS versions prior to 16, update to iOS 16 to resolve the issue. For Apple watchOS versions prior to 9, update to watchOS 9 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** watchOS versions prior to 8.7 tvOS versions prior to 15.6 iOS versions prior to 15.6 iPadOS versions prior to 15.6 macOS Monterey versions prior to 12.5 **Description** A buffer overflow issue was addressed with improved bounds checking, which may allow a remote user to cause kernel code execution. **Recommendations** For watchOS versions prior to 8.7, update to watchOS 8.7. For tvOS versions prior to 15.6, update to tvOS 15.6. For iOS versions prior to 15.6, update to iOS 15.6. For iPadOS versions prior to 15.6, update to iPadOS 15.6. For macOS Monterey versions prior to 12.5, update to macOS Monterey 12.5.

**Name of the Vulnerable Software and Affected Versions** Zoom Client for Meetings versions prior to 5.8.4 Zoom Client for Meetings for Blackberry versions prior to 5.8.1 Zoom Client for Meetings for intune versions prior to 5.8.4 Zoom Client for Meetings for Chrome OS versions prior to 5.0.1 Zoom Rooms for Conference Room versions prior to 5.8.3 Controllers for Zoom Rooms versions prior to 5.8.3 Zoom VDI Windows Meeting Client versions prior to 5.8.4 Zoom VDI Azure Virtual Desktop Plugins versions prior to 5.8.4.21112 Zoom VDI Citrix Plugins versions prior to 5.8.4.21112 Zoom VDI VMware Plugins versions prior to 5.8.4.21112 Zoom Meeting SDK for Android versions prior to 5.7.6.1922 Zoom Meeting SDK for iOS versions prior to 5.7.6.1082 Zoom Meeting SDK for macOS versions prior to 5.7.6.1340 Zoom Meeting SDK for Windows versions prior to 5.7.6.1081 Zoom Video SDK versions prior to 1.1.2 Zoom on-premise Meeting Connector versions prior to 4.8.12.20211115 Zoom on-premise Meeting Connector MMR versions prior to 4.8.12.20211115 Zoom on-premise Recording Connector versions prior to 5.1.0.65.20211116 Zoom on-premise Virtual Room Connector versions prior to 4.4.7266.20211117 Zoom on-premise Virtual Room Connector Load Balancer versions prior to 2.5.5692.20211117 Zoom Hybrid Zproxy versions prior to 1.0.1058.20211116 Zoom Hybrid MMR versions prior to 4.6.20211116.131 x86-64 **Description** The issue is related to the exposure of the state of process memory, potentially allowing an attacker to gain insight into arbitrary areas of the product's memory. This could be used to potentially expose protected information. **Recommendations** Update Zoom Client for Meetings to version 5.8.4 or later. Update Zoom Client for Meetings for Blackberry to version 5.8.1 or later. Update Zoom Client for Meetings for intune to version 5.8.4 or later. Update Zoom Client for Meetings for Chrome OS to version 5.0.1 or later. Update Zoom Rooms for Conference Room to version 5.8.3 or later. Update Controllers for Zoom Rooms to version 5.8.3 or later. Update Zoom VDI Windows Meeting Client to version 5.8.4 or later. Update Zoom VDI Azure Virtual Desktop Plugins to version 5.8.4.21112 or later. Update Zoom VDI Citrix Plugins to version 5.8.4.21112 or later. Update Zoom VDI VMware Plugins to version 5.8.4.21112 or later. Update Zoom Meeting SDK for Android to version 5.7.6.1922 or later. Update Zoom Meeting SDK for iOS to version 5.7.6.1082 or later. Update Zoom Meeting SDK for macOS to version 5.7.6.1340 or later. Update Zoom Meeting SDK for Windows to version 5.7.6.1081 or later. Update Zoom Video SDK to version 1.1.2 or later. Update Zoom on-premise Meeting Connector to version 4.8.12.20211115 or later. Update Zoom on-premise Meeting Connector MMR to version 4.8.12.20211115 or later. Update Zoom on-premise Recording Connector to version 5.1.0.65.20211116 or later. Update Zoom on-premise Virtual Room Connector to version 4.4.7266.20211117 or later. Update Zoom on-premise Virtual Room Connector Load Balancer to version 2.5.5692.20211117 or later. Update Zoom Hybrid Zproxy to version 1.0.1058.20211116 or later. Update Zoom Hybrid MMR to version 4.6.20211116.131 x86-64 or later.

**Name of the Vulnerable Software and Affected Versions** Zoom Client for Meetings versions 5.8.3 and earlier Zoom Client for Meetings for Blackberry versions 5.8.0 and earlier Zoom Client for Meetings for intune versions 5.8.3 and earlier Zoom Client for Meetings for Chrome OS versions 5.0.0 and earlier Zoom Rooms for Conference Room versions 5.8.2 and earlier Controllers for Zoom Rooms versions 5.8.2 and earlier Zoom VDI versions 5.8.3 and earlier Zoom VDI Azure Virtual Desktop Plugins versions 5.8.4.21111 and earlier Zoom VDI Citrix Plugins versions 5.8.4.21111 and earlier Zoom VDI VMware Plugins versions 5.8.4.21111 and earlier Zoom Meeting SDK for Android versions 5.7.6.1921 and earlier Zoom Meeting SDK for iOS versions 5.7.6.1081 and earlier Zoom Meeting SDK for macOS versions 5.7.6.1339 and earlier Zoom Meeting SDK for Windows versions 5.7.6.1080 and earlier Zoom Video SDK versions 1.1.1 and earlier Zoom On-Premise Meeting Connector Controller versions 4.8.12.20211114 and earlier Zoom On-Premise Meeting Connector MMR versions 4.8.12.20211114 and earlier Zoom On-Premise Recording Connector versions 5.1.0.64.20211115 and earlier Zoom On-Premise Virtual Room Connector versions 4.4.7265.20211116 and earlier Zoom On-Premise Virtual Room Connector Load Balancer versions 2.5.5691.20211116 and earlier Zoom Hybrid Zproxy versions 1.0.1057.20211115 and earlier Zoom Hybrid MMR versions 4.6.20211115.131 x86-63 and earlier **Description** A buffer overflow vulnerability was discovered in Zoom software, potentially allowing a malicious actor to crash the service or application, or leverage this vulnerability to execute arbitrary code. The issue is related to a buffer overflow in memory, which can be exploited by a remote attacker. This vulnerability can lead to the execution of arbitrary code, potentially allowing an attacker to gain control over the affected system. **Recommendations** Update Zoom Client for Meetings to version 5.8.4 or later. Update Zoom Client for Meetings for Blackberry to version 5.8.1 or later. Update Zoom Client for Meetings for intune to version 5.8.4 or later. Update Zoom Client for Meetings for Chrome OS to version 5.0.1 or later. Update Zoom Rooms for Conference Room to version 5.8.3 or later. Update Controllers for Zoom Rooms to version 5.8.3 or later. Update Zoom VDI to version 5.8.4 or later. Update Zoom VDI Azure Virtual Desktop Plugins to version 5.8.4.21112 or later. Update Zoom VDI Citrix Plugins to version 5.8.4.21112 or later. Update Zoom VDI VMware Plugins to version 5.8.4.21112 or later. Update Zoom Meeting SDK for Android to version 5.7.6.1922 or later. Update Zoom Meeting SDK for iOS to version 5.7.6.1082 or later. Update Zoom Meeting SDK for macOS to version 5.7.6.1340 or later. Update Zoom Meeting SDK for Windows to version 5.7.6.1081 or later. Update Zoom Video SDK to version 1.1.2 or later. Update Zoom On-Premise Meeting Connector Controller to version 4.8.12.20211115 or later. Update Zoom On-Premise Meeting Connector MMR to version 4.8.12.20211115 or later. Update Zoom On-Premise Recording Connector to version 5.1.0.65.20211116 or later. Update Zoom On-Premise Virtual Room Connector to version 4.4.7266.20211117 or later. Update Zoom On-Premise Virtual Room Connector Load Balancer to version 2.5.5692.20211117 or later. Update Zoom Hybrid Zproxy to version 1.0.1058.20211116 or later. Update Zoom Hybrid MMR to version 4.6.20211116.131 x86-64 or later.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 76 Firefox ESR versions prior to 68.8 Thunderbird versions prior to 68.8.0 **Description** The issue is related to a buffer overflow that could occur when parsing and validating SCTP chunks in WebRTC, potentially leading to memory corruption and a crash. This could allow a remote attacker to access confidential data, compromise its integrity, and cause a denial of service. **Recommendations** For Firefox versions prior to 76, update to version 76 or later to resolve the issue. For Firefox ESR versions prior to 68.8, update to version 68.8 or later to resolve the issue. For Thunderbird versions prior to 68.8.0, update to version 68.8.0 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** usrsctp versions prior to 2019-12-20 **Description** The issue is related to out-of-bounds reads in the `sctp load addresses from init` function of the usrsctp implementation. This can potentially allow a remote attacker to cause a denial of service. **Recommendations** For usrsctp versions prior to 2019-12-20, update to a version released after 2019-12-20 to resolve the issue. As a temporary workaround, consider restricting access to the `sctp load addresses from init` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 80.0.3987.87 **Description** The issue is related to an out of bounds write in the WebRTC component of Google Chrome, which can be exploited by a remote attacker. This exploitation can lead to access to confidential data, disruption of data integrity, and potentially cause a denial of service. The attacker can exploit heap corruption via a crafted video stream. **Recommendations** For versions prior to 80.0.3987.87, update to version 80.0.3987.87 or later to resolve the issue. As a temporary workaround, consider restricting the use of WebRTC until the update is applied.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 80.0.3987.87 **Description** The issue is related to an out of bounds write in the WebRTC component of Google Chrome, which can be exploited by a remote attacker. This exploitation can lead to access to confidential data, disruption of data integrity, and potentially cause a denial of service via a crafted video stream. **Recommendations** For versions prior to 80.0.3987.87, update to version 80.0.3987.87 or later to resolve the issue. As a temporary workaround, consider restricting the use of WebRTC until the update is applied.

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 12.4 tvOS versions prior to 12.4 watchOS versions prior to 5.3 **Description** A use after free issue was addressed with improved memory management. A remote attacker may be able to cause arbitrary code execution. **Recommendations** For iOS versions prior to 12.4, update to iOS 12.4 or later. For tvOS versions prior to 12.4, update to tvOS 12.4 or later. For watchOS versions prior to 5.3, update to watchOS 5.3 or later.

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 12.4 macOS Mojave versions prior to 10.14.6 tvOS versions prior to 12.4 watchOS versions prior to 5.3 **Description** A memory corruption issue was addressed with improved input validation. A remote attacker may be able to cause unexpected application termination or arbitrary code execution. **Recommendations** For iOS versions prior to 12.4, update to iOS 12.4 to resolve the issue. For macOS Mojave versions prior to 10.14.6, update to macOS Mojave 10.14.6 to resolve the issue. For tvOS versions prior to 12.4, update to tvOS 12.4 to resolve the issue. For watchOS versions prior to 5.3, update to watchOS 5.3 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 12.4 macOS Mojave versions prior to 10.14.6 tvOS versions prior to 12.4 watchOS versions prior to 5.3 **Description** The issue allows an attacker to trigger a use-after-free in an application deserializing an untrusted NSDictionary. This can be exploited by an attacker. **Recommendations** For iOS versions prior to 12.4, update to iOS 12.4 or later. For macOS Mojave versions prior to 10.14.6, update to macOS Mojave 10.14.6 or later. For tvOS versions prior to 12.4, update to tvOS 12.4 or later. For watchOS versions prior to 5.3, update to watchOS 5.3 or later.

**Name of the Vulnerable Software and Affected Versions** watchOS versions prior to 5.3 **Description** The issue is related to an out-of-bounds read that has been addressed with improved input validation. A remote attacker may be able to leak memory. **Recommendations** For versions prior to 5.3, update to watchOS 5.3 to resolve the issue.