Vulnerabilities > CVE-2024-42441 - Unspecified vulnerability in Zoom products

CVSS 6.7 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

zoom

NVD

Published: 2024-08-14

Updated: 2024-08-28

Summary

Improper privilege management in the installer for Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS and Zoom Rooms Client for macOS before 6.1.5 may allow a privileged user to conduct an escalation of privilege via local access.

Vulnerable Configurations

Part	Description	Count
Application	Zoom Zoom Workplace Desktop * Zoom Meeting Software Development KIT - Zoom Meeting Software Development KIT 5.14.7 Zoom Meeting Software Development KIT 5.14.10 Zoom Meeting Software Development KIT 5.15.5 Zoom Rooms - Zoom Rooms 5.11.3 Zoom Rooms 5.11.4 Zoom Rooms 5.12.6 Zoom Rooms 5.13.5 Zoom Rooms 5.14.5 Zoom Rooms 5.14.10 Zoom Rooms 5.15.0 Zoom Rooms 5.15.10 Zoom Rooms 5.16.0	15

References

https://www.zoom.com/en/trust/security-bulletin/zsb-24034