CVE-2024-27238
7.1
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
Summary
Race condition in the installer for some Zoom Apps and SDKs for Windows before version 6.0.0 may allow an authenticated user to conduct a privilege escalation via local access.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Zoom Communications, Inc | Zoom Apps and SDKs | before version 6.0.0 | affected |
Weaknesses
- CWE-367: CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.