Zoom, the leader in video messaging, has released patches for seven flaws in its desktop and mobile apps, including one that affects Windows software and is of a critical severity.
The critical vulnerability, identified as CVE-2024-24691 (CVSS score of 9.6), is characterized by an incorrect input validation that may enable a network-acquired attacker to escalate privileges. According to the company’s advisory, Zoom’s Desktop Client for Windows prior to version 5.16.5, VDI Client for Windows prior to version 5.16.10 (apart from 5.14.14 and 5.15.12), Rooms Client for Windows prior to version 5.17.0, and Meeting SDK for Windows prior to version 5.16.5 are impacted.
The video messaging provider fixed a high-severity privilege escalation flaw in these Windows apps as well, pointing out that it can be used locally without authentication.
Read More: Zoom Patches Critical Vulnerability in Windows Applications
For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.