Zoom Apps for Windows - Improper Input Validation
- ZSB-24019
- CVE-2024-27240
- High
- 7.1
- CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
Improper input validation in the installer for some Zoom Apps for Windows may allow an authenticated user to conduct a privilege escalation via local access.
Users can help keep themselves secure by applying the latest updates available at https://zoom.us/download.
- Zoom Workplace Desktop App for Windows before version 6.0.0
- Zoom Workplace VDI Plug-in for Windows before version 5.17.13
- Zoom Rooms App for Windows before version 6.0.0
Reported by sim0nsecurity.
Revision | Date | Description |
---|---|---|
1.0 | 07/09/2024 | Initial publication. |