Untrusted search path in the installer for Zoom Workplace Desktop App for macOS and Zoom Meeting SDK for macOS before 6.1.0 may allow a privileged user to conduct an escalation of privilege via local access.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.zoom.com/en/trust/security-bulletin/zsb-24032 |
History
Thu, 29 Aug 2024 00:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Zoom meeting Software Development Kit
|
|
CPEs | cpe:2.3:a:zoom:meeting_software_development_kit:*:*:*:*:*:macos:*:* | |
Vendors & Products |
Zoom meeting Software Development Kit
|
Fri, 16 Aug 2024 14:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Zoom
Zoom workplace Desktop |
|
CPEs | cpe:2.3:a:zoom:workplace_desktop:*:*:*:*:*:macos:*:* | |
Vendors & Products |
Zoom Communications Inc
Zoom Communications Inc workplace Desktop App |
Zoom
Zoom workplace Desktop |
Wed, 14 Aug 2024 18:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Zoom Communications Inc
Zoom Communications Inc workplace Desktop App |
|
CPEs | cpe:2.3:a:zoom_communications_inc:workplace_desktop_app:*:*:*:*:*:*:*:* | |
Vendors & Products |
Zoom Communications Inc
Zoom Communications Inc workplace Desktop App |
|
Metrics |
ssvc
|
Wed, 14 Aug 2024 17:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Untrusted search path in the installer for Zoom Workplace Desktop App for macOS and Zoom Meeting SDK for macOS before 6.1.0 may allow a privileged user to conduct an escalation of privilege via local access. | |
Title | Zoom Workplace Desktop App for macOS and Zoom Meeting SDK for macOS - Untrusted Search Path | |
Weaknesses | CWE-426 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: Zoom
Published: 2024-08-14T16:42:48.215Z
Updated: 2024-08-16T13:18:48.409Z
Reserved: 2024-08-01T19:13:16.137Z
Link: CVE-2024-42439
Vulnrichment
Updated: 2024-08-14T17:21:10.702Z
NVD
Status : Analyzed
Published: 2024-08-14T17:15:17.530
Modified: 2024-08-29T00:00:11.627
Link: CVE-2024-42439
Redhat
No data.