CVE-2024-27247 MEDIUM

CVE-2024-27247: Zoom Desktop Client for macOS - Improper Privilege Management

Vendor Zoom Video Communications, Inc.
Product Zoom Desktop Client for macOS
Weakness CWE-347
Published April 9, 2024
Last update September 20, 2024

CVSS base score

5.5/10
Attack vector Local
Attack complexity Low
Privileges required High
User interaction Required
Confidentiality None
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:N/I:H/A:N

What the vulnerability does

01Description

Improper privilege management in the installer for Zoom Desktop Client for macOS before version 5.17.10 may allow a privileged user to conduct an escalation of privilege via local access.

Key dates

02Disclosure timeline

April 9, 2024 CVE published
September 20, 2024 Record updated