First published: Wed Aug 14 2024(Updated: )
Improper privilege management in the installer for Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS and Zoom Rooms Client for macOS before 6.1.5 may allow a privileged user to conduct an escalation of privilege via local access.
Credit: security@zoom.us
Affected Software | Affected Version | How to fix |
---|---|---|
Zoom Meeting Software Development Kit | <6.1.5 | |
Zoom Rooms | <6.1.5 | |
Zoom Workplace | <6.1.5 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2024-42440 is considered a critical vulnerability due to the potential for privilege escalation.
To fix CVE-2024-42440, upgrade to Zoom Workplace Desktop App, Zoom Meeting SDK, or Zoom Rooms Client for macOS version 6.1.5 or later.
CVE-2024-42440 affects users of the Zoom Workplace Desktop App, Zoom Meeting SDK, and Zoom Rooms Client versions prior to 6.1.5 on macOS.
CVE-2024-42440 is classified as an improper privilege management vulnerability.
CVE-2024-42440 requires a privileged user to exploit the vulnerability for local access escalation.