Untrusted search path in some Zoom 32 bit Windows clients may allow an authenticated user to conduct an escalation of privilege via local access.
References
Link | Resource |
---|---|
https://www.zoom.com/en/trust/security-bulletin/ZSB-24004/ | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
09 Oct 2024, 15:22
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
CPE | cpe:2.3:a:zoom:meeting_software_development_kit:*:*:*:*:*:windows:*:* | |
First Time |
Zoom meeting Software Development Kit
|
04 Oct 2024, 14:08
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:zoom:zoom:*:*:*:*:*:windows:*:* cpe:2.3:a:zoom:meeting_sdk:*:*:*:*:*:*:*:* cpe:2.3:a:zoom:vdi_windows_meeting_clients:*:*:*:*:*:windows:*:* cpe:2.3:a:zoom:rooms:*:*:*:*:*:*:*:* |
|
References | () https://www.zoom.com/en/trust/security-bulletin/ZSB-24004/ - Vendor Advisory | |
Summary |
|
|
First Time |
Zoom zoom
Zoom Zoom vdi Windows Meeting Clients Zoom meeting Sdk Zoom rooms |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.7 |
14 Feb 2024, 00:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-02-14 00:15
Updated : 2024-10-09 15:22
NVD link : CVE-2024-24697
Mitre link : CVE-2024-24697
CVE.ORG link : CVE-2024-24697
JSON object : View
Products Affected
zoom
- rooms
- zoom
- vdi_windows_meeting_clients
- meeting_software_development_kit
CWE
CWE-426
Untrusted Search Path