CVE-2024-24697

Published: Feb 14, 2024
Updated: May 4, 2025
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2024-24697" target="_blank" rel="noopener"> CVE-2024-24697
Severity: High
Exploit:

Untrusted search path in some Zoom 32 bit Windows clients may allow an authenticated user to conduct an escalation of privilege via local access.

CVSS v3:

CWEs:

Software	From	Fixed in
zoom / vdi_windows_meeting_clients	-	5.15.5
zoom / rooms	-	5.17.0
zoom / zoom	-	5.17.0
zoom / vdi_windows_meeting_clients	5.15.5.x	5.16.2
zoom / vdi_windows_meeting_clients	5.16.2.x	5.17.5
zoom / meeting_software_development_kit	-	5.17.0