Lucene search
HistoryAug 14, 2024 - 5:15 p.m.
CVE-2024-42439
cve-2024-42439
installer
zoom workplace desktop app
macos
zoom meeting sdk
escalation of privilege
local access
CVSS3
6.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
EPSS
0
Percentile
9.5%
Untrusted search path in the installer for Zoom Workplace Desktop App for macOS and Zoom Meeting SDK for macOS before 6.1.0 may allow a privileged user to conduct an escalation of privilege via local access.
Affected configurations
Node
zoommeeting_software_development_kitRange<6.1.0macos
ORzoomworkplace_desktopRange<6.1.0macos
| Vendor | Product | Version | CPE |
|---|---|---|---|
| zoom | meeting_software_development_kit | * | cpe:2.3:a:zoom:meeting_software_development_kit:*:*:*:*:*:macos:*:* |
| zoom | workplace_desktop | * | cpe:2.3:a:zoom:workplace_desktop:*:*:*:*:*:macos:*:* |
Related
cve
cve
CVE-2024-42439
2024-08-14 17:15:17
vulnrichment
vulnrichment
nessus
nessus
Zoom Workplace Desktop App for macOS < 6.1.0 Buffer Overflow (ZSB-24033)
2024-08-30 00:00:00
cvelist
cvelist
CVSS3
6.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
EPSS
0
Percentile
9.5%
Related for NVD:CVE-2024-42439