CVE-2024-42439

Summary

Untrusted search path in the installer for Zoom Workplace Desktop App for macOS and Zoom Meeting SDK for macOS before 6.1.0 may allow a privileged user to conduct an escalation of privilege via local access.

Affected Software

VendorProductVersion RangeStatus
Zoom Communications Inc.Zoom Workplace Desktop App for macOS and Zoom Meeting SDK for macOSbefore version 6.1.0affected

Weaknesses

  • CWE-426: CWE-426 Untrusted Search Path

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References