Escalation of Privilege Vulnerability in Zoom Workplace Desktop App for macOS
CVE-2024-42440

6.7MEDIUM

Key Information:

Vendor

Zoom
Status
Workplace Desktop
Meeting Software Development Kit
Rooms
Vendor
CVE Published:
14 August 2024

What is CVE-2024-42440?

Improper privilege management in the installer for Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS and Zoom Rooms Client for macOS before 6.1.5 may allow a privileged user to conduct an escalation of privilege via local access.

References

https://www.zoom.com/en/trust/security-bulletin/zsb-24034

CVSS V3.1

Score:
6.7
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

JSON
.
CVE-2024-42440 : Escalation of Privilege Vulnerability in Zoom Workplace Desktop App for macOS