CVE-2019-19810

Name of the Vulnerable Software and Affected Versions Zoom Call Recording versions 6.3.1

Description The issue allows a remote unauthenticated attacker to exploit the vulnerability by sending crafted RMI requests to execute arbitrary code on the target host. This is achieved through Java Deserialization attacks targeting the inbuilt RMI service.

Recommendations For Zoom Call Recording version 6.3.1, consider disabling the inbuilt RMI service as a temporary workaround until a patch is available. Restrict access to the RMI service to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.