Zoom Rooms Client for Windows - Race Condition
Description
A race condition in the Zoom Rooms Client for Windows installer before 5.17.5 allows an authenticated local user to cause denial of service.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A race condition in the Zoom Rooms Client for Windows installer before 5.17.5 allows an authenticated local user to cause denial of service.
Vulnerability
CVE-2024-24692 is a race condition in the installer component of Zoom Rooms Client for Windows prior to version 5.17.5 [1]. The vulnerability requires local access and authenticated user privileges [1].
Exploitation
To exploit the vulnerability, an authenticated user must have local access to the system and win a race condition against the installer process [1]. The CVSS vector (CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:N/A:H) indicates high attack complexity and user interaction is required [1].
Impact
Successful exploitation results in a denial of service condition affecting system availability (CIA impact: N/N/H) [1]. The scope is changed, meaning the compromise may affect resources beyond the vulnerable component's authorization [1].
Mitigation
Zoom addressed the vulnerability in Zoom Rooms Client for Windows version 5.17.5 [1]. Users should update to the latest available version from zoom.us/download [1]. No other workarounds have been disclosed.
AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Range: <5.17.5
- Range: before version 5.17.5
Patches
0No patches discovered yet.
Vulnerability mechanics
No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.
References
1News mentions
0No linked articles in our index yet.