Zoom Workplace Desktop App for macOS - Uncontrolled Search Path Element

Bulletin: ZSB-24027
CVEID: CVE-2024-39820
CVSS Severity: Medium
CVSS Score: 6.6
CVSS Vector String: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H

Description:

Uncontrolled search path element in the installer for Zoom Workplace Desktop App for macOS before 6.0.10 may allow an authenticated user to conduct a denial of service via local access.

Users can help keep themselves secure by applying the latest updates available at https://zoom.us/download.

Affected Products:

Zoom Workplace Desktop App for macOS before version 6.0.10

Source:

Reported by an anonymous researcher.

Revision	Date	Description
1.0	07/09/2024	Initial publication.

Zoom Workplace Desktop App for macOS - Uncontrolled Search Path Element

Subscribe for updates