Zoom Workplace Desktop App for macOS: Privilege Escalation Vulnerability

CVE-2024-42441

6.7MEDIUM

Key Information

Vendor: Zoom Communications Inc.
Status: Zoom Workplace Desktop App For Mac OS, Zoom Meeting Sdk For Mac OS, Zoom Rooms Client For Mac OS
Vendor: CVE Published:; 14 August 2024

Summary

Improper privilege management in the installer for Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS and Zoom Rooms Client for macOS before 6.1.5 may allow a privileged user to conduct an escalation of privilege via local access.

Affected Version(s)

Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS, Zoom Rooms Client for macOS = before version 6.1.5

CVSS V3.1

Score:

6.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Risk change from: null to: 6.2 - (MEDIUM)
Aug 15, 2024
Vulnerability published.
Aug 14, 2024

Collectors

NVD DatabaseMitre Database