XMPP is a popular instant messaging protocol based on XML that is used in messengers, online games and other applications.
This talk will introduce a new way of attacking XMPP client software: XMPP stanza smuggling. More specifically, it will show how seemingly subtle quirks in XML parsing can be exploited to "smuggle" attacker-controlled XMPP control messages to the victim client and how the design of the XMPP protocol makes it especially susceptible to such issues. It will be demonstrated how such issues led to 0-click remote code execution in the Zoom client.
While Zoom is used as an example throughout the talk and to demonstrate the maximum impact achievable, the XMPP bugs presented are not specific to Zoom.