Lucene search
ZoomCVE-2024-42441HistoryAug 14, 2024 - 5:15 p.m.
CVE-2024-42441
2024-08-1417:15:17
CWE-269
Zoom
web.nvd.nist.gov
28
zoom
privilege management
macos
CVSS3
6.7
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS
0
Percentile
9.5%
Improper privilege management in the installer for Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS and Zoom Rooms Client for macOS before 6.1.5 may allow a privileged user to conduct an escalation of privilege via local access.
Affected configurations
Node
zoommeeting_software_development_kitRange<6.1.5macos
ORzoomroomsRange<6.1.5macos
ORzoomworkplace_desktopRange<6.1.5macos
| Vendor | Product | Version | CPE |
|---|---|---|---|
| zoom | meeting_software_development_kit | * | cpe:2.3:a:zoom:meeting_software_development_kit:*:*:*:*:*:macos:*:* |
| zoom | rooms | * | cpe:2.3:a:zoom:rooms:*:*:*:*:*:macos:*:* |
| zoom | workplace_desktop | * | cpe:2.3:a:zoom:workplace_desktop:*:*:*:*:*:macos:*:* |
CNA Affected
[
{
"defaultStatus": "unaffected",
"platforms": [
"MacOS"
],
"product": "Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS, Zoom Rooms Client for macOS",
"vendor": "Zoom Communications Inc.",
"versions": [
{
"status": "affected",
"version": "before version 6.1.5"
}
]
}
]
CVSS3
6.7
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS
0
Percentile
9.5%
Related for CVE-2024-42441