CVE-2024-27240

Improper input validation in the installer for some Zoom Apps for Windows may allow an authenticated user to conduct a privilege escalation via local access.

CVSS v3 7.1 HIGH

7.1^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.2

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://www.zoom.com/en/trust/security-bulletin/zsb-24019

Configurations

No configuration.

History

16 Jul 2024, 13:43

Type	Values Removed	Values Added
Summary		(es) Una validación de entrada incorrecta en el instalador de algunas aplicaciones de Zoom para Windows puede permitir que un usuario autenticado realice una escalada de privilegios a través del acceso local.

15 Jul 2024, 18:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-07-15 18:15

Updated : 2024-07-16 13:43

NVD link : CVE-2024-27240

Mitre link : CVE-2024-27240

CVE.ORG link : CVE-2024-27240

JSON object : View

Products Affected

No product.

CWE

CWE-20

Improper Input Validation

7.1 /10