Untrusted Search Path Vulnerability in Zoom 32 bit Windows Clients Could Lead to Escalation of Privilege

CVE-2024-24697

7.8HIGH

Key Information

Vendor
Zoom
Status
Vdi Windows Meeting Clients
Rooms
Zoom
Meeting Sdk
Vendor
CVE Published:
14 February 2024

Summary

Untrusted search path in some Zoom 32 bit Windows clients may allow an authenticated user to conduct an escalation of privilege via local access.

Refferences

https://www.zoom.com/en/trust/security-bulletin/ZSB-24004/

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

Collectors

NVD Database
.