Zoom Workplace Desktop App for macOS: Privilege Escalation Vulnerability
CVE-2024-42441

6.2MEDIUM

Key Information:

Vendor: Zoom
Status: Zoom Workplace Desktop App For Mac OS, Zoom Meeting Sdk For Mac OS, Zoom Rooms Client For Mac OS
Vendor: CVE Published:; 14 August 2024

What is CVE-2024-42441?

Incorrect privilege assignment in the installer for Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS and Zoom Rooms Client for macOS before 6.1.5 may allow a privileged user to conduct an escalation of privilege via local access.

Affected Version(s)

Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS, Zoom Rooms Client for macOS MacOS before version 6.1.5

References

https://www.zoom.com/en/trust/security-bulletin/zsb-24034

CVSS V3.1

Score:

6.2

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Physical

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 14, 2024

JSON