CVE-2024-42439

Untrusted search path in the installer for Zoom Workplace Desktop App for macOS and Zoom Meeting SDK for macOS before 6.1.0 may allow a privileged user to conduct an escalation of privilege via local access.
References
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:zoom:meeting_software_development_kit:*:*:*:*:*:macos:*:*
cpe:2.3:a:zoom:workplace_desktop:*:*:*:*:*:macos:*:*

History

29 Aug 2024, 00:00

Type Values Removed Values Added
Summary
  • (es) Una ruta de búsqueda no confiable en el instalador de la aplicación de escritorio Zoom Workplace para macOS y el SDK de Zoom Meeting para macOS anterior a 6.1.0 puede permitir que un usuario privilegiado lleve a cabo una escalada de privilegios a través del acceso local.
References () https://www.zoom.com/en/trust/security-bulletin/zsb-24032 - () https://www.zoom.com/en/trust/security-bulletin/zsb-24032 - Vendor Advisory
First Time Zoom workplace Desktop
Zoom meeting Software Development Kit
Zoom
CPE cpe:2.3:a:zoom:meeting_software_development_kit:*:*:*:*:*:macos:*:*
cpe:2.3:a:zoom:workplace_desktop:*:*:*:*:*:macos:*:*

14 Aug 2024, 17:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-08-14 17:15

Updated : 2024-08-29 00:00


NVD link : CVE-2024-42439

Mitre link : CVE-2024-42439

CVE.ORG link : CVE-2024-42439


JSON object : View

Products Affected

zoom

  • workplace_desktop
  • meeting_software_development_kit
CWE
CWE-426

Untrusted Search Path