any tampering from the outside.
Through the critical issues and without any involvement of the victim, a hacker could have taken control of the device and viewed the calls in progress.
Despite end-to-end encryption, enabled by the initiator of the meeting, making it impossible for third parties to understand the potential call files, a cybercriminal would have been able to exploit the two flaws to follow the meetings live.
In the recent past, the Project Zero team has found zero-click vulnerabilities and other flaws in several communication platforms, including Facebook Messenger, Signal, GoogleDuo, FaceTime, and Apple's iMessage.
For researchers, analyzing an app like Zoom is not easy because, they remember, it is based on a proprietary system, unlike open-source software.