轉發 台灣電腦網路危機處理暨協調中心 資安訊息警訊 TWCERTCC-200-202601-00000018

[內容說明]
Zoom Node Multimedia Routers (MMRs) 是由Zoom所提供的混合雲端解決方案核心模組，主要用於處理會議媒體流量、提升頻寬效率和降低延遲等需求。近日Zoom發布重大資安公告(CVE-2026-22844，CVSS：9.9)，此為命令注入漏洞，會議參與者可能透過網路存取對MMRs執行遠端程式碼。

[影響平台]
Zoom Node Meetings Hybrid (ZMH) MMR module 5.2.1716.0(不含)以前版本
Zoom Node Meeting Connector (MC) MMR module 5.2.1716.0(不含)以前版本

[建議措施]
根據官方網站釋出的解決方式進行修補: https://www.twcert.org.tw/tw/cp-169-10648-b83d7-1.html

[參考資料]
1 https://www.twcert.org.tw/tw/cp-169-10648-b83d7-1.html

Forwarded from Taiwan Computer Network Crisis Management and Coordination Center: Cybersecurity Alert TWCERTCC-200-202601-00000018

[Content Description]
Zoom Node Multimedia Routers (MMRs) are a core module of Zoom's hybrid cloud solution, primarily used to handle meeting media traffic, improve bandwidth efficiency, and reduce latency. Recently, Zoom released a major cybersecurity advisory (CVE-2026-22844, CVSS: 9.9), which is a command injection vulnerability. Meeting participants could potentially execute remote code on MMRs through network access.

[Affected Platforms]
Zoom Node Meetings Hybrid (ZMH) MMR module versions prior to 5.2.1716.0
Zoom Node Meeting Connector (MC) MMR module versions prior to 5.2.1716.0

[Recommended Actions]
Patch according to the solutions released on the official website: https://www.twcert.org.tw/tw/cp-169-10648-b83d7-1.html

[References]
1 https://www.twcert.org.tw/tw/cp-169-10648-b83d7-1.html