Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS, Zoom Rooms Client for macOS by Zoom Communications Inc.

    CVE-2024-42441 (GCVE-0-2024-42441)

    Vulnerability from nvd – Published: 2024-08-14 16:46 – Updated: 2025-10-07 13:17
    VLAI
    Title
    Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS, Zoom Rooms Client for macOS - Incorrect Privilege Assignment
    Summary
    Incorrect privilege assignment in the installer for Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS and Zoom Rooms Client for macOS before 6.1.5 may allow a privileged user to conduct an escalation of privilege via local access.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-266 - [LLM] Incorrect Privilege Assignment
    Assigner
    Impacted products
    Vendor Product Version
    Zoom Communications Inc. Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS, Zoom Rooms Client for macOS Affected: before version 6.1.5
    Create a notification for this product.
    zoom workplace_desktop Affected: 0 , < 6.1.5 (custom)
        cpe:2.3:a:zoom:workplace_desktop:*:*:*:*:*:macos:*:*
    Create a notification for this product.
    zoom macos_meeting_sdk Affected: 0 , < 6.1.5 (custom)
        cpe:2.3:a:zoom:macos_meeting_sdk:*:*:*:*:*:*:*:*
    Create a notification for this product.
    zoom rooms Affected: 0 , < 6.1.5 (custom)
        cpe:2.3:a:zoom:rooms:-:*:*:*:*:macos:*:*
    Create a notification for this product.
    Date Public
    2024-08-13 12:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:zoom:workplace_desktop:*:*:*:*:*:macos:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "workplace_desktop",
                "vendor": "zoom",
                "versions": [
                  {
                    "lessThan": "6.1.5",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:zoom:macos_meeting_sdk:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "macos_meeting_sdk",
                "vendor": "zoom",
                "versions": [
                  {
                    "lessThan": "6.1.5",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:zoom:rooms:-:*:*:*:*:macos:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "rooms",
                "vendor": "zoom",
                "versions": [
                  {
                    "lessThan": "6.1.5",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-42441",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-15T13:31:24.474262Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-07T13:17:05.280Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "MacOS"
              ],
              "product": "Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS, Zoom Rooms Client for macOS",
              "vendor": "Zoom Communications Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "before version 6.1.5"
                }
              ]
            }
          ],
          "datePublic": "2024-08-13T12:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Incorrect privilege assignment in the installer for Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS and Zoom Rooms Client for macOS before 6.1.5 may allow a privileged user to conduct an escalation of privilege via local access."
                }
              ],
              "value": "Incorrect privilege assignment in the installer for Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS and Zoom Rooms Client for macOS before 6.1.5 may allow a privileged user to conduct an escalation of privilege via local access."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.2,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-266",
                  "description": "CWE-266 [LLM] Incorrect Privilege Assignment",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-02T20:56:32.826Z",
            "orgId": "99b9af0d-a833-4a5d-9e2f-8b1324f35351",
            "shortName": "Zoom"
          },
          "references": [
            {
              "url": "https://www.zoom.com/en/trust/security-bulletin/zsb-24034"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS, Zoom Rooms Client for macOS -  Incorrect Privilege Assignment",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99b9af0d-a833-4a5d-9e2f-8b1324f35351",
        "assignerShortName": "Zoom",
        "cveId": "CVE-2024-42441",
        "datePublished": "2024-08-14T16:46:17.936Z",
        "dateReserved": "2024-08-01T19:13:16.137Z",
        "dateUpdated": "2025-10-07T13:17:05.280Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-42440 (GCVE-0-2024-42440)

    Vulnerability from nvd – Published: 2024-08-14 16:44 – Updated: 2024-08-14 18:06
    VLAI
    Title
    Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS, Zoom Rooms Client for macOS - Improper Privilege Management
    Summary
    Improper privilege management in the installer for Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS and Zoom Rooms Client for macOS before 6.1.5 may allow a privileged user to conduct an escalation of privilege via local access.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-269 - Improper Privilege Management
    Assigner
    Impacted products
    Vendor Product Version
    Zoom Communications Inc. Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS, Zoom Rooms Client for macOS Affected: before version 6.1.5
    Create a notification for this product.
    zoom macos_meeting_sdk Affected: 0 , < 6.1.5 (custom)
        cpe:2.3:a:zoom:macos_meeting_sdk:*:*:*:*:*:*:*:*
    Create a notification for this product.
    zoom workplace_desktop Affected: 0 , < 6.1.5 (custom)
        cpe:2.3:a:zoom:workplace_desktop:*:*:*:*:*:macos:*:*
    Create a notification for this product.
    zoom rooms Affected: 0 , < 6.1.5 (custom)
        cpe:2.3:a:zoom:rooms:*:*:*:*:*:macos:*:*
    Create a notification for this product.
    Date Public
    2024-08-13 12:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:zoom:macos_meeting_sdk:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "macos_meeting_sdk",
                "vendor": "zoom",
                "versions": [
                  {
                    "lessThan": "6.1.5",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:zoom:workplace_desktop:*:*:*:*:*:macos:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "workplace_desktop",
                "vendor": "zoom",
                "versions": [
                  {
                    "lessThan": "6.1.5",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:zoom:rooms:*:*:*:*:*:macos:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "rooms",
                "vendor": "zoom",
                "versions": [
                  {
                    "lessThan": "6.1.5",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-42440",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-14T17:58:35.327020Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-14T18:06:25.844Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "MacOS"
              ],
              "product": "Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS, Zoom Rooms Client for macOS",
              "vendor": "Zoom Communications Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "before version 6.1.5"
                }
              ]
            }
          ],
          "datePublic": "2024-08-13T12:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper privilege management in the installer for Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS and Zoom Rooms Client for macOS before 6.1.5 may allow a privileged user to conduct an escalation of privilege via local access."
                }
              ],
              "value": "Improper privilege management in the installer for Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS and Zoom Rooms Client for macOS before 6.1.5 may allow a privileged user to conduct an escalation of privilege via local access."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.2,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-269",
                  "description": "CWE-269 Improper Privilege Management",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-08-14T16:46:10.026Z",
            "orgId": "99b9af0d-a833-4a5d-9e2f-8b1324f35351",
            "shortName": "Zoom"
          },
          "references": [
            {
              "url": "https://www.zoom.com/en/trust/security-bulletin/zsb-24034"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS, Zoom Rooms Client for macOS -  Improper Privilege Management",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99b9af0d-a833-4a5d-9e2f-8b1324f35351",
        "assignerShortName": "Zoom",
        "cveId": "CVE-2024-42440",
        "datePublished": "2024-08-14T16:44:46.080Z",
        "dateReserved": "2024-08-01T19:13:16.137Z",
        "dateUpdated": "2024-08-14T18:06:25.844Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-42441 (GCVE-0-2024-42441)

    Vulnerability from cvelistv5 – Published: 2024-08-14 16:46 – Updated: 2025-10-07 13:17
    VLAI
    Title
    Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS, Zoom Rooms Client for macOS - Incorrect Privilege Assignment
    Summary
    Incorrect privilege assignment in the installer for Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS and Zoom Rooms Client for macOS before 6.1.5 may allow a privileged user to conduct an escalation of privilege via local access.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-266 - [LLM] Incorrect Privilege Assignment
    Assigner
    Impacted products
    Vendor Product Version
    Zoom Communications Inc. Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS, Zoom Rooms Client for macOS Affected: before version 6.1.5
    Create a notification for this product.
    zoom workplace_desktop Affected: 0 , < 6.1.5 (custom)
        cpe:2.3:a:zoom:workplace_desktop:*:*:*:*:*:macos:*:*
    Create a notification for this product.
    zoom macos_meeting_sdk Affected: 0 , < 6.1.5 (custom)
        cpe:2.3:a:zoom:macos_meeting_sdk:*:*:*:*:*:*:*:*
    Create a notification for this product.
    zoom rooms Affected: 0 , < 6.1.5 (custom)
        cpe:2.3:a:zoom:rooms:-:*:*:*:*:macos:*:*
    Create a notification for this product.
    Date Public
    2024-08-13 12:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:zoom:workplace_desktop:*:*:*:*:*:macos:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "workplace_desktop",
                "vendor": "zoom",
                "versions": [
                  {
                    "lessThan": "6.1.5",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:zoom:macos_meeting_sdk:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "macos_meeting_sdk",
                "vendor": "zoom",
                "versions": [
                  {
                    "lessThan": "6.1.5",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:zoom:rooms:-:*:*:*:*:macos:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "rooms",
                "vendor": "zoom",
                "versions": [
                  {
                    "lessThan": "6.1.5",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-42441",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-15T13:31:24.474262Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-07T13:17:05.280Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "MacOS"
              ],
              "product": "Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS, Zoom Rooms Client for macOS",
              "vendor": "Zoom Communications Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "before version 6.1.5"
                }
              ]
            }
          ],
          "datePublic": "2024-08-13T12:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Incorrect privilege assignment in the installer for Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS and Zoom Rooms Client for macOS before 6.1.5 may allow a privileged user to conduct an escalation of privilege via local access."
                }
              ],
              "value": "Incorrect privilege assignment in the installer for Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS and Zoom Rooms Client for macOS before 6.1.5 may allow a privileged user to conduct an escalation of privilege via local access."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.2,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-266",
                  "description": "CWE-266 [LLM] Incorrect Privilege Assignment",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-02T20:56:32.826Z",
            "orgId": "99b9af0d-a833-4a5d-9e2f-8b1324f35351",
            "shortName": "Zoom"
          },
          "references": [
            {
              "url": "https://www.zoom.com/en/trust/security-bulletin/zsb-24034"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS, Zoom Rooms Client for macOS -  Incorrect Privilege Assignment",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99b9af0d-a833-4a5d-9e2f-8b1324f35351",
        "assignerShortName": "Zoom",
        "cveId": "CVE-2024-42441",
        "datePublished": "2024-08-14T16:46:17.936Z",
        "dateReserved": "2024-08-01T19:13:16.137Z",
        "dateUpdated": "2025-10-07T13:17:05.280Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-42440 (GCVE-0-2024-42440)

    Vulnerability from cvelistv5 – Published: 2024-08-14 16:44 – Updated: 2024-08-14 18:06
    VLAI
    Title
    Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS, Zoom Rooms Client for macOS - Improper Privilege Management
    Summary
    Improper privilege management in the installer for Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS and Zoom Rooms Client for macOS before 6.1.5 may allow a privileged user to conduct an escalation of privilege via local access.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-269 - Improper Privilege Management
    Assigner
    Impacted products
    Vendor Product Version
    Zoom Communications Inc. Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS, Zoom Rooms Client for macOS Affected: before version 6.1.5
    Create a notification for this product.
    zoom macos_meeting_sdk Affected: 0 , < 6.1.5 (custom)
        cpe:2.3:a:zoom:macos_meeting_sdk:*:*:*:*:*:*:*:*
    Create a notification for this product.
    zoom workplace_desktop Affected: 0 , < 6.1.5 (custom)
        cpe:2.3:a:zoom:workplace_desktop:*:*:*:*:*:macos:*:*
    Create a notification for this product.
    zoom rooms Affected: 0 , < 6.1.5 (custom)
        cpe:2.3:a:zoom:rooms:*:*:*:*:*:macos:*:*
    Create a notification for this product.
    Date Public
    2024-08-13 12:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:zoom:macos_meeting_sdk:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "macos_meeting_sdk",
                "vendor": "zoom",
                "versions": [
                  {
                    "lessThan": "6.1.5",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:zoom:workplace_desktop:*:*:*:*:*:macos:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "workplace_desktop",
                "vendor": "zoom",
                "versions": [
                  {
                    "lessThan": "6.1.5",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:zoom:rooms:*:*:*:*:*:macos:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "rooms",
                "vendor": "zoom",
                "versions": [
                  {
                    "lessThan": "6.1.5",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-42440",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-14T17:58:35.327020Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-14T18:06:25.844Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "MacOS"
              ],
              "product": "Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS, Zoom Rooms Client for macOS",
              "vendor": "Zoom Communications Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "before version 6.1.5"
                }
              ]
            }
          ],
          "datePublic": "2024-08-13T12:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper privilege management in the installer for Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS and Zoom Rooms Client for macOS before 6.1.5 may allow a privileged user to conduct an escalation of privilege via local access."
                }
              ],
              "value": "Improper privilege management in the installer for Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS and Zoom Rooms Client for macOS before 6.1.5 may allow a privileged user to conduct an escalation of privilege via local access."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.2,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-269",
                  "description": "CWE-269 Improper Privilege Management",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-08-14T16:46:10.026Z",
            "orgId": "99b9af0d-a833-4a5d-9e2f-8b1324f35351",
            "shortName": "Zoom"
          },
          "references": [
            {
              "url": "https://www.zoom.com/en/trust/security-bulletin/zsb-24034"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS, Zoom Rooms Client for macOS -  Improper Privilege Management",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99b9af0d-a833-4a5d-9e2f-8b1324f35351",
        "assignerShortName": "Zoom",
        "cveId": "CVE-2024-42440",
        "datePublished": "2024-08-14T16:44:46.080Z",
        "dateReserved": "2024-08-01T19:13:16.137Z",
        "dateUpdated": "2024-08-14T18:06:25.844Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }