Privilege Escalation Vulnerability in Zoom Workplace Apps and SDKs for Windows
CVE-2024-39819

7.3HIGH

Key Information:

Vendor: Zoom Communications, Inc
Status: Zoom Workplace Apps And Sdk For Windows
Vendor: CVE Published:; 15 July 2024

🔔 Create Zoom Communications, Inc Vulnerability Alert

What is CVE-2024-39819?

The vulnerability stems from improper privilege management within the installer of Zoom Workplace Apps and SDKs for Windows. This flaw may enable an authenticated user with local access to perform privilege escalation, potentially compromising the security of the application and the systems it operates on. Users are urged to review their installations and apply any available security updates to mitigate the risks associated with this vulnerability.

Affected Version(s)

Zoom Workplace Apps and SDK for Windows Windows see references

References

https://www.zoom.com/en/trust/security-bulletin/zsb-24026

CVSS V3.1

Score:

7.3

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 15, 2024