Zoom Workplace Desktop App for macOS: Privilege Escalation Vulnerability
CVE-2024-42441

6.2MEDIUM

Key Information:

Vendor

Zoom
Status
Zoom Workplace Desktop App For Mac OS, Zoom Meeting Sdk For Mac OS, Zoom Rooms Client For Mac OS
Vendor
CVE Published:
14 August 2024

What is CVE-2024-42441?

Incorrect privilege assignment in the installer for Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS and Zoom Rooms Client for macOS before 6.1.5 may allow a privileged user to conduct an escalation of privilege via local access.

Affected Version(s)

Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS, Zoom Rooms Client for macOS MacOS before version 6.1.5

References

https://www.zoom.com/en/trust/security-bulletin/zsb-24034

CVSS V3.1

Score:
6.2
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Physical
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

JSON
.
CVE-2024-42441 : Zoom Workplace Desktop App for macOS: Privilege Escalation Vulnerability