Zoom Workplace VDI App for Windows - Insufficient Verification of Data Authenticity

  • ZSB-24015
  • CVE-2024-27244
  • Medium
  • 6.7
  • CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

Insufficient verification of data authenticity in the installer for Zoom Workplace  VDI App for Windows may allow an authenticated user to conduct an escalation of privilege via local access.

 

Users can help keep themselves secure by applying the latest updates available at https://zoom.us/download.

  • Zoom Workplace VDI App for Windows before version 5.17.10 (excluding 5.15.x)

Reported by an anonymous researcher.

Revision Date Description
1.1 09/04/2024

Duplicate of ZSB-23027, CVE-2023-34114 has been rejected.

1.0 05/14/2024

Initial publication.