Zoom Apps for Windows - Improper Input Validation

  • ZSB-24019
  • CVE-2024-27240
  • High
  • 7.1
  • CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

Improper input validation in the installer for some Zoom Apps for Windows may allow an authenticated user to conduct a privilege escalation via local access.

 

Users can help keep themselves secure by applying the latest updates available at https://zoom.us/download.

  • Zoom Workplace Desktop App for Windows before version 6.0.0
  • Zoom Workplace VDI Plug-in for Windows before version 5.17.13
  • Zoom Rooms App for Windows before version 6.0.0

Reported by sim0nsecurity.

Revision Date Description
1.0 07/09/2024

Initial publication.