Integrity check in the installer for some Zoom Workplace Apps and SDKs for Windows may allow an authenticated user to conduct a privilege escalation via local access.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Thu, 02 Oct 2025 21:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-269

Thu, 02 Oct 2025 21:15:00 +0000

Type Values Removed Values Added
First Time appeared Zoom zoom Meeting Sdk For Windows
Zoom zoom Rooms App For Windows
CPEs cpe:2.3:a:zoom:zoom_meeting_sdk_for_windows:*:*:*:*:*:*:*:*
cpe:2.3:a:zoom:zoom_rooms_app_for_windows:*:*:*:*:*:*:*:*
Vendors & Products Zoom zoom Meeting Sdk For Windows
Zoom zoom Rooms App For Windows
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Thu, 02 Oct 2025 21:00:00 +0000

Type Values Removed Values Added
Description Improper privilege management in the installer for some Zoom Workplace Apps and SDKs for Windows may allow an authenticated user to conduct a privilege escalation via local access. Integrity check in the installer for some Zoom Workplace Apps and SDKs for Windows may allow an authenticated user to conduct a privilege escalation via local access.
Weaknesses CWE-494

Tue, 05 Aug 2025 13:45:00 +0000

Type Values Removed Values Added
First Time appeared Zoom
Zoom meeting Software Development Kit
Zoom rooms
Zoom workplace Desktop
CPEs cpe:2.3:a:zoom:meeting_software_development_kit:*:*:*:*:*:windows:*:*
cpe:2.3:a:zoom:rooms:*:*:*:*:*:windows:*:*
cpe:2.3:a:zoom:workplace_desktop:*:*:*:*:*:windows:*:*
Vendors & Products Zoom
Zoom meeting Software Development Kit
Zoom rooms
Zoom workplace Desktop

cve-icon MITRE

Status: PUBLISHED

Assigner: Zoom

Published:

Updated: 2025-10-02T20:47:51.225Z

Reserved: 2024-06-28T19:43:03.519Z

Link: CVE-2024-39819

cve-icon Vulnrichment

Updated: 2024-08-02T04:26:16.015Z

cve-icon NVD

Status : Modified

Published: 2024-07-15T18:15:04.407

Modified: 2025-10-02T21:15:58.217

Link: CVE-2024-39819

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.