o Mastersoft Co.,Ltd released security update to address buffer overflow vulnerability in ZOOK solution(remote administration tool).
o A buffer overflow issue was discovered in ZOOK solution(remote administration tool) through processing 'ConnectMe' command while parsing a crafted
OUTERIP value becasue of the missing boundary check. (CVE-2020-7877)
o This vulnerability allows the attacker to execute arbitrary command.
□ Affected Product
o Update software over ZOOKViewer_Setup.exe 188.8.131.52, ZOOKAgentSetup.exe 184.108.40.206 version or higher.
o Thanks to Jeongun Baek for reporting this vulnerability.
□ 작성 : 침해사고분석단 취약점분석팀