Bug in shared SDK can let attackers join calls undetected across multiple apps

A small library that provides audio and video calling capabilities contains a bug that can allow attackers to join audio and video calls without being detected. The bug —discovered by security firm McAfee, and tracked as CVE-2020-25605— impacts the software development kit (SDK) provided by Agora, a US company specialized in providing real-time communication tools.

Read full article on ZDNet