CVE-2024-42441

Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS, Zoom Rooms Client for macOS - Incorrect Privilege Assignment

CVSS 6.2 MEDIUMEPSS 0.2%CWE-266

Vexday Risk Score

13Baixo

Decisão SSVC (CISA)

Track

Sem sinal de exploração → monitorar

CVSS 6.2EPSS 0.2%KEV nãoPoC —Patch —

Ciclo de vida

14 ago 2024Publicada no NVD

Recomendação: Monitorar — sem sinal de exploração no momento.

Incorrect privilege assignment in the installer for Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS and Zoom Rooms Client for macOS before 6.1.5 may allow a privileged user to conduct an escalation of privilege via local access.

CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Produtos afetados

Zoom Communications Inc. · Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS, Zoom Rooms Client for macOS

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://www.zoom.com/en/trust/security-bulletin/zsb-24034