Lucene search
ZoomCVELIST:CVE-2024-24697HistoryFeb 13, 2024 - 11:53 p.m.
CVE-2024-24697 Zoom Clients - Untrusted Search Path
2024-02-1323:53:43
CWE-426
Zoom
www.cve.org
cve-2024-24697
zoom
windows
clients
untrusted search path
escalation of privilege
local access
7.2 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H
0.0004 Low
EPSS
Percentile
9.0%
Untrusted search path in some Zoom 32 bit Windows clients may allow an authenticated user to conduct an escalation of privilege via local access.
CNA Affected
[
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Zoom Clients",
"vendor": "Zoom Video Communications, Inc.",
"versions": [
{
"status": "affected",
"version": "see references"
}
]
}
]Related
prion
prion
Privilege escalation
2024-02-14 00:15:00
nessus
nessus
Zoom VDI Meeting Client < 5.17.5 Vulnerability (ZSB-24004)
2024-02-20 00:00:00
Zoom Client for Meetings < 5.17.0 Vulnerability (ZSB-24004)
2024-02-20 00:00:00
nvd
nvd
CVE-2024-24697
2024-02-14 00:15:47
cve
cve
CVE-2024-24697
2024-02-14 00:15:47
7.2 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H
0.0004 Low
EPSS
Percentile
9.0%
Related for CVELIST:CVE-2024-24697