CVE-2025-0144

Out-of-bounds write in some Zoom Workplace Apps may allow an authorized user to conduct a loss of integrity via network access.

CVSS v3.0 6.5 MEDIUM

6.5^/10

CVSS v3.0 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://www.zoom.com/en/trust/security-bulletin/zsb-25003/	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:zoom:meeting_software_development_kit::::::linux::*
	cpe:2.3:a:zoom:video_software_development_kit::::::linux::*
	cpe:2.3:a:zoom:workplace_desktop::::::linux::*
	cpe:2.3:a:zoom:meeting_software_development_kit::::::android::*
	cpe:2.3:a:zoom:meeting_software_development_kit::::::iphone_os::*
	cpe:2.3:a:zoom:meeting_software_development_kit::::::macos::*
	cpe:2.3:a:zoom:meeting_software_development_kit::::::windows::*
	cpe:2.3:a:zoom:rooms::::::ipados::*
	cpe:2.3:a:zoom:rooms::::::macos::*
	cpe:2.3:a:zoom:rooms::::::windows::*
	cpe:2.3:a:zoom:rooms_controller::::::android::*
	cpe:2.3:a:zoom:rooms_controller::::::linux::*
	cpe:2.3:a:zoom:rooms_controller::::::macos::*
	cpe:2.3:a:zoom:rooms_controller::::::windows::*
	cpe:2.3:a:zoom:video_software_development_kit::::::android::*
	cpe:2.3:a:zoom:video_software_development_kit::::::iphone_os::*
	cpe:2.3:a:zoom:video_software_development_kit::::::macos::*
	cpe:2.3:a:zoom:video_software_development_kit::::::windows::*
	cpe:2.3:a:zoom:workplace::::::android::*
	cpe:2.3:a:zoom:workplace::::::iphone_os::*
	cpe:2.3:a:zoom:workplace_desktop::::::macos::*
	cpe:2.3:a:zoom:workplace_desktop::::::windows::*
	cpe:2.3:a:zoom:workplace_virtual_desktop_infrastructure::::::windows::*
	cpe:2.3:a:zoom:workplace_virtual_desktop_infrastructure::::::windows::*

History

20 Aug 2025, 12:36

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 6.5
First Time		Zoom rooms Zoom video Software Development Kit Zoom rooms Controller Zoom workplace Zoom meeting Software Development Kit Zoom workplace Desktop Zoom Zoom workplace Virtual Desktop Infrastructure
References	~~() https://www.zoom.com/en/trust/security-bulletin/zsb-25003/ -~~	() https://www.zoom.com/en/trust/security-bulletin/zsb-25003/ - Vendor Advisory
CPE		cpe:2.3:a:zoom:meeting_software_development_kit::::::android::* cpe:2.3:a:zoom:meeting_software_development_kit::::::linux::* cpe:2.3:a:zoom:rooms_controller::::::android::* cpe:2.3:a:zoom:workplace_desktop::::::macos::* cpe:2.3:a:zoom:video_software_development_kit::::::windows::* cpe:2.3:a:zoom:workplace_virtual_desktop_infrastructure::::::windows::* cpe:2.3:a:zoom:workplace_desktop::::::windows::* cpe:2.3:a:zoom:workplace::::::iphone_os::* cpe:2.3:a:zoom:rooms::::::macos::* cpe:2.3:a:zoom:workplace_desktop::::::linux::* cpe:2.3:a:zoom:rooms_controller::::::linux::* cpe:2.3:a:zoom:rooms_controller::::::windows::* cpe:2.3:a:zoom:video_software_development_kit::::::macos::* cpe:2.3:a:zoom:workplace::::::android::* cpe:2.3:a:zoom:rooms_controller::::::macos::* cpe:2.3:a:zoom:rooms::::::windows::* cpe:2.3:a:zoom:meeting_software_development_kit::::::macos::* cpe:2.3:a:zoom:rooms::::::ipados::* cpe:2.3:a:zoom:video_software_development_kit::::::android::* cpe:2.3:a:zoom:meeting_software_development_kit::::::windows::* cpe:2.3:a:zoom:video_software_development_kit::::::iphone_os::* cpe:2.3:a:zoom:video_software_development_kit::::::linux::* cpe:2.3:a:zoom:meeting_software_development_kit::::::iphone_os::*

30 Jan 2025, 20:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-01-30 20:15

Updated : 2025-08-20 12:36

NVD link : CVE-2025-0144

Mitre link : CVE-2025-0144

JSON object : View

Products Affected

zoom

video_software_development_kit
workplace_desktop
workplace
workplace_virtual_desktop_infrastructure
rooms
rooms_controller
meeting_software_development_kit

CWE

No CWE.

6.5 /10