Lucene search
ZoomCVE-2024-27238HistoryJul 15, 2024 - 6:15 p.m.
CVE-2024-27238
2024-07-1518:15:03
CWE-367
Zoom
web.nvd.nist.gov
31
zoom apps
sdks
installer
privilege escalation
race condition
windows
CVSS3
7.1
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
EPSS
0
Percentile
9.3%
Race condition in the installer for some Zoom Apps and SDKs for Windows before version 6.0.0 may allow an authenticated user to conduct a privilege escalation via local access.
CNA Affected
[
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Zoom Apps and SDKs",
"vendor": "Zoom Communications, Inc",
"versions": [
{
"status": "affected",
"version": "before version 6.0.0"
}
]
}
]Related
cvelist
cvelist
CVE-2024-27238 Zoom Apps and SDKs - Race Condition
2024-07-15 17:20:39
vulnrichment
vulnrichment
CVE-2024-27238 Zoom Apps and SDKs - Race Condition
2024-07-15 17:20:39
nessus
nessus
Zoom Workplace Desktop App For Windows < 6.0.0 Race Condition (ZSB-24021)
2024-07-30 00:00:00
nvd
nvd
CVE-2024-27238
2024-07-15 18:15:03
CVSS3
7.1
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
EPSS
0
Percentile
9.3%
Related for CVE-2024-27238