Uncontrolled Resource Consumption in Zoom Apps for macOS
CVE-2024-45417

6MEDIUM

Key Information:

Vendor: Zoom Communications, Inc
Status: Zoom Apps For Mac OS
Vendor: CVE Published:; 25 February 2025

Summary

The installer for certain Zoom applications on macOS before version 6.1.5 has a flaw that could enable a privileged user to access sensitive information through local means. This uncontrolled resource consumption vulnerability poses a risk by allowing unauthorized disclosure of data, highlighting the necessity for timely updates to the affected software to maintain security and protect against potential exploitation.

Affected Version(s)

Zoom Apps for macOS MacOS 0 < 6.1.5

References

https://www.zoom.com/en/trust/security-bulletin/zsb-24039/

CVSS V3.1

Score:

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 25, 2025
Vulnerability Reserved
Aug 28, 2024