image credit: Unsplash

Zoom stomps critical privilege escalation bug plus 6 other flaws

February 15, 2024

Video conferencing giant Zoom today opened up about a fresh batch of security vulnerabilities affecting its products, including a critical privilege escalation flaw.

Tracked as CVE-2024-24691 with a CVSS score of 9.6, Zoom says the vulnerability may enable privilege escalation for unauthenticated users via network access.

Limited technical details were disclosed, but an examination of the exploitability metrics that influenced the severity score shows that Zoom believes an exploit would require little complexity to execute, although some user interaction may be required.

Read More on The Register