CVE-2024-42435

4.9 MEDIUM

📋 TL;DR

This vulnerability allows privileged users within Zoom Workplace environments to access sensitive information through network connections. It affects Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers. The risk primarily impacts organizations using these Zoom products with privileged user accounts.

💻 Affected Systems

Products:
  • Zoom Workplace Apps
  • Zoom SDKs
  • Zoom Rooms Clients
  • Zoom Rooms Controllers
Versions: Specific versions not detailed in advisory; check Zoom security bulletin ZSB-24030 for exact versions
Operating Systems: Multiple platforms supported by Zoom products
Default Config Vulnerable: ⚠️ Yes
Notes: Requires privileged user access and network connectivity to affected Zoom components.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Privileged users could access confidential meeting data, user information, or internal system details, potentially leading to data breaches or corporate espionage.

🟠 Likely Case

Internal privileged users accidentally or intentionally accessing information they shouldn't have access to, violating data privacy policies.

🟢 If Mitigated

With proper access controls and network segmentation, impact is limited to authorized users accessing only information relevant to their roles.

🌐 Internet-Facing: LOW - The vulnerability requires privileged user access and network access, making direct internet exploitation unlikely without internal foothold.
🏢 Internal Only: MEDIUM - Internal privileged users could exploit this, but requires specific access rights and network positioning.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires privileged user credentials and network access to vulnerable components.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check Zoom security bulletin ZSB-24030 for specific patched versions

Vendor Advisory: https://www.zoom.com/en/trust/security-bulletin/zsb-24030

Restart Required: Yes

Instructions:

1. Review Zoom security bulletin ZSB-24030.
2. Identify affected Zoom products in your environment.
3. Update all affected Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers to patched versions.
4. Restart services after updating.

🔧 Temporary Workarounds

Network Segmentation (platforms: all)

Restrict network access to Zoom components to only necessary users and systems.

Privilege Reduction (platforms: all)

Review and minimize privileged user accounts with access to Zoom management interfaces.

🧯 If You Can't Patch

  • Implement strict network access controls to limit which users can reach Zoom management interfaces
  • Enhance monitoring of privileged user activities on Zoom systems and review access logs regularly

🔍 How to Verify

Check if Vulnerable:

Check Zoom product versions against affected versions listed in ZSB-24030 advisory

Check Version:

Check within Zoom admin console or product about/settings sections for version information

Verify Fix Applied:

Confirm all Zoom products are updated to versions specified in Zoom's security bulletin as patched

📡 Detection & Monitoring

Log Indicators:

  • Unusual access patterns to Zoom management interfaces
  • Multiple failed access attempts followed by successful privileged access

Network Indicators:

  • Unexpected network traffic to Zoom management ports from unauthorized sources

SIEM Query:

source="zoom*" AND (event_type="admin_access" OR event_type="privileged_action") AND user_privilege="high"
