Risk | Low |
Patch available | YES |
Number of vulnerabilities | 2 |
CVE-ID | CVE-2024-42441 CVE-2024-42442 |
CWE-ID | CWE-269 |
Exploitation vector | Local |
Public exploit | N/A |
Vulnerable software Subscribe |
Zoom Workplace Desktop App for macOS Client/Desktop applications / Office applications Zoom Rooms for macOS Client/Desktop applications / Messaging software |
Vendor | Zoom Video Communications, Inc. |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
EUVDB-ID: #VU95822
Risk: Low
CVSSv3.1: 5.4 [CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-42441
CWE-ID:
CWE-269 - Improper Privilege Management
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to improper privilege management. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsZoom Workplace Desktop App for macOS: 5.0.0 23186.0427 - 6.1.1 36333
Zoom Rooms for macOS: 5.0.0 2236.0426 - 6.1.2 6877
External linkshttp://www.zoom.com/en/trust/security-bulletin/ZSB-24034/
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU95823
Risk: Low
CVSSv3.1: 5.4 [CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-42442
CWE-ID:
CWE-269 - Improper Privilege Management
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to improper privilege management. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsZoom Workplace Desktop App for macOS: 5.0.0 23186.0427 - 6.1.1 36333
Zoom Rooms for macOS: 5.0.0 2236.0426 - 6.1.2 6877
External linkshttp://www.zoom.com/en/trust/security-bulletin/ZSB-24034/
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.