Uncontrolled Resource Consumption in Zoom Apps for macOS
CVE-2024-45417

5.5MEDIUM

Key Information:

Vendor: Zoom Communications, Inc
Status: Zoom Apps For Mac OS
Vendor: CVE Published:; 25 February 2025

🔔 Create Zoom Communications, Inc Vulnerability Alert

What is CVE-2024-45417?

The installer for certain Zoom applications on macOS before version 6.1.5 has a flaw that could enable a privileged user to access sensitive information through local means. This uncontrolled resource consumption vulnerability poses a risk by allowing unauthorized disclosure of data, highlighting the necessity for timely updates to the affected software to maintain security and protect against potential exploitation.

Affected Version(s)

Zoom Apps for macOS MacOS 0 < 6.1.5

References

https://www.zoom.com/en/trust/security-bulletin/zsb-24039/

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 25, 2025
Vulnerability Reserved
Aug 28, 2024