Cyber Posture

CVE-2024-45418

Medium

Published: 25 February 2025
Modified: 04 March 2025
KEV Added: not listed
Patch: vendor update available (version 6.1.5 or later)
CVSS Score: 5.4 (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N)
EPSS Score: 0.0034 (56.4th percentile)
Risk Priority: 11 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2024-45418 is a medium-severity UNIX Symbolic Link (Symlink) Following (CWE-61) vulnerability in Zoom Meeting Software Development Kit. Its CVSS base score is 5.4 (Medium).

Operationally, it is ranked in the top 43.6% of CVEs by exploit likelihood (EPSS); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 CM-11 (User-installed Software) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)

prevent (SI-2, Flaw Remediation): Directly requires timely remediation of the symlink following flaw in the Zoom installer by applying the vendor update to version 6.1.5 or later.

prevent (CM-11, User-installed Software): Prohibits or controls user-installed software to block execution of the vulnerable Zoom installer that enables authenticated privilege escalation via symlink following.

prevent: Enforces validation of file paths and inputs to mitigate improper symlink resolution before file access (CWE-59/61) during the installation process.

NVD Description

Symlink following in the installer for some Zoom apps for macOS before version 6.1.5 may allow an authenticated user to conduct an escalation of privilege via network access.

Deeper analysis

CVE-2024-45418 involves symlink following in the installer for some Zoom apps for macOS in versions before 6.1.5. The vulnerability is tied to CWE-61 (Symbolic Link Following) and CWE-59 (Improper Link Resolution Before File Access), carries a CVSS v3.1 base score of 5.4 (AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N), and was published on 2025-02-25.

An authenticated user with network access can exploit the issue during the installation process, requiring low attack complexity, user interaction, and low privileges. Successful exploitation enables escalation of privilege, with changed scope leading to limited impacts on confidentiality and integrity but no availability disruption.

Zoom's security bulletin at https://www.zoom.com/en/trust/security-bulletin/zsb-24040/ addresses the vulnerability, recommending an update to version 6.1.5 or later as the primary mitigation.
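The third control above (validating paths so symlinks are not resolved before file access, CWE-59/61) in working form, as an added example that is not Zoom's installer code or part of this record: each path component under the install root is opened relative to its parent directory descriptor with O_NOFOLLOW, so a planted link is refused without a check-then-use window. The install paths and the planted link are constructed for the demo.

```python
import contextlib
import os
import tempfile

# Hardened installer write path (CWE-59/61 mitigation): each component under the
# install root is opened via the parent directory fd with O_NOFOLLOW, so a planted
# symlink cannot redirect the write and there is no check-then-use window.
O_DIR = os.O_RDONLY | os.O_NOFOLLOW | os.O_DIRECTORY


class SymlinkRefused(PermissionError):
    """A path component is a symlink (or otherwise not a plain directory/file)."""


def safe_install_write(root: str, rel_path: str, data: bytes) -> int:
    """Write data to root/rel_path, creating directories but never following symlinks."""
    parts = [p for p in rel_path.split("/") if p not in ("", ".")]
    if not parts or ".." in parts:
        raise ValueError("relative path must stay inside the install root")
    fd = os.open(root, O_DIR)
    try:
        for name in parts[:-1]:
            with contextlib.suppress(FileExistsError):  # existing dir or planted link
                os.mkdir(name, 0o755, dir_fd=fd)
            try:  # ELOOP for a symlink, ENOTDIR for a regular file
                child = os.open(name, O_DIR, dir_fd=fd)
            except OSError as exc:
                raise SymlinkRefused(f"refusing to traverse {name!r}: {exc.strerror}") from exc
            os.close(fd)
            fd = child
        try:
            out = os.open(parts[-1], os.O_WRONLY | os.O_CREAT | os.O_TRUNC | os.O_NOFOLLOW, 0o644, dir_fd=fd)
        except OSError as exc:
            raise SymlinkRefused(f"refusing to write through {parts[-1]!r}: {exc.strerror}") from exc
        with os.fdopen(out, "wb") as f:
            return f.write(data)
    finally:
        os.close(fd)


def demo() -> tuple:
    """Constructed scenario: an honest write succeeds; a directory swapped for a symlink is refused."""
    with tempfile.TemporaryDirectory() as root, tempfile.TemporaryDirectory() as elsewhere:
        n = safe_install_write(root, "Contents/Resources/config.plist", b"ok")
        os.symlink(elsewhere, os.path.join(root, "Contents", "Frameworks"))  # planted link
        try:
            safe_install_write(root, "Contents/Frameworks/lib.dylib", b"new library")
            refused = False
        except SymlinkRefused:
            refused = True
        return n, refused, os.listdir(elsewhere) == []
```

A plain os.open with O_NOFOLLOW only protects the final component; the per-directory descriptor walk is what stops a symlink planted at an intermediate directory, which lstat-then-open checks cannot do race-free.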

Details

CWE(s): CWE-61 (UNIX Symbolic Link Following), CWE-59 (Improper Link Resolution Before File Access)

Affected Products

Zoom Meeting Software Development Kit ≤ 6.1.5
Zoom Rooms ≤ 6.1.5
Zoom Video Software Development Kit ≤ 6.1.5
Zoom Workplace Desktop ≤ 6.1.5

CVEs Like This One

CVE-2025-0147 (same product: Zoom Meeting Software Development Kit)
CVE-2025-0145 (same product: Zoom Meeting Software Development Kit)
CVE-2024-45421 (same product: Zoom Meeting Software Development Kit)
CVE-2025-49457 (same product: Zoom Meeting Software Development Kit)
CVE-2025-27440 (same product: Zoom Meeting Software Development Kit)
CVE-2024-45424 (same product: Zoom Meeting Software Development Kit)
CVE-2025-0151 (same product: Zoom Meeting Software Development Kit)
CVE-2025-0149 (same product: Zoom Meeting Software Development Kit)
CVE-2025-27439 (same product: Zoom Meeting Software Development Kit)
CVE-2025-46788 (same product: Zoom Workplace Desktop)

References

Zoom security bulletin ZSB-24040: https://www.zoom.com/en/trust/security-bulletin/zsb-24040/