Lucene search
HistoryAug 14, 2024 - 5:15 p.m.
CVE-2024-42440
zoom
macos
privilege escalation
installer
CVSS3
6.7
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS
0
Percentile
9.5%
Improper privilege management in the installer for Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS and Zoom Rooms Client for macOS before 6.1.5 may allow a privileged user to conduct an escalation of privilege via local access.
Affected configurations
Node
zoommeeting_software_development_kitRange<6.1.5macos
ORzoomroomsRange<6.1.5macos
ORzoomworkplace_desktopRange<6.1.5macos
| Vendor | Product | Version | CPE |
|---|---|---|---|
| zoom | meeting_software_development_kit | * | cpe:2.3:a:zoom:meeting_software_development_kit:*:*:*:*:*:macos:*:* |
| zoom | rooms | * | cpe:2.3:a:zoom:rooms:*:*:*:*:*:macos:*:* |
| zoom | workplace_desktop | * | cpe:2.3:a:zoom:workplace_desktop:*:*:*:*:*:macos:*:* |
CVSS3
6.7
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS
0
Percentile
9.5%
Related for NVD:CVE-2024-42440