Critical Flaw in Zoom Windows Apps Allows Privilege Elevation

Summary:

Zoom has addressed an input validation flaw (CVE-2024-24691) that renders the Zoom desktop and VDI clients, along with the Meeting SDK for Windows, vulnerable to privilege escalation on the target system via the network, even by an unauthenticated attacker.

Threat Level – Red | Vulnerability Report

For a detailed threat advisory, download the pdf file here

To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.