Privilege Escalation Vulnerability in macOS Workplace Desktop App
CVE-2024-42439

6.5MEDIUM

Key Information:

Vendor: Zoom
Status: Zoom Workplace Desktop App For Mac OS And Zoom Meeting Sdk For Mac OS
Vendor: CVE Published:; 14 August 2024

Summary

Untrusted search path in the installer for Zoom Workplace Desktop App for macOS and Zoom Meeting SDK for macOS before 6.1.0 may allow a privileged user to conduct an escalation of privilege via local access.

Affected Version(s)

Zoom Workplace Desktop App for macOS and Zoom Meeting SDK for macOS MacOS before version 6.1.0

References

https://www.zoom.com/en/trust/security-bulletin/zsb-24032

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Aug 14, 2024