Escalation of Privilege Vulnerability in Zoom Workplace Desktop App for macOS

CVE-2024-42440

6.7MEDIUM

Key Information

Vendor: Zoom
Status: Workplace Desktop; Meeting Software Development Kit; Rooms
Vendor: CVE Published:; 14 August 2024

Summary

Improper privilege management in the installer for Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS and Zoom Rooms Client for macOS before 6.1.5 may allow a privileged user to conduct an escalation of privilege via local access.

References

https://www.zoom.com/en/trust/security-bulletin/zsb-24034

CVSS V3.1

Score:

6.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Aug 14, 2024

Collectors

NVD Database