CVE-2025-0144

CVSS v3 3.1 LOW

3.1^/10

CVSS v3 : LOW

V3 Legend

Vector :

Exploitability : 1.6 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

ut-of-bounds write in some Zoom Workplace Apps may allow an authorized user to conduct a loss of integrity via network access.

References

Link	Resource
https://www.zoom.com/en/trust/security-bulletin/zsb-25003/	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:zoom:meeting_software_development_kit::::::android::*
	cpe:2.3:a:zoom:meeting_software_development_kit::::::iphone_os::*
	cpe:2.3:a:zoom:meeting_software_development_kit::::::linux::*
	cpe:2.3:a:zoom:meeting_software_development_kit::::::macos::*
	cpe:2.3:a:zoom:meeting_software_development_kit::::::windows::*
	cpe:2.3:a:zoom:rooms::::::ipados::*
	cpe:2.3:a:zoom:rooms::::::macos::*
	cpe:2.3:a:zoom:rooms::::::windows::*
	cpe:2.3:a:zoom:rooms_controller::::::android::*
	cpe:2.3:a:zoom:rooms_controller::::::linux::*
	cpe:2.3:a:zoom:rooms_controller::::::macos::*
	cpe:2.3:a:zoom:rooms_controller::::::windows::*
	cpe:2.3:a:zoom:video_software_development_kit::::::android::*
	cpe:2.3:a:zoom:video_software_development_kit::::::iphone_os::*
	cpe:2.3:a:zoom:video_software_development_kit::::::linux::*
	cpe:2.3:a:zoom:video_software_development_kit::::::macos::*
	cpe:2.3:a:zoom:video_software_development_kit::::::windows::*
	cpe:2.3:a:zoom:workplace::::::android::*
	cpe:2.3:a:zoom:workplace::::::iphone_os::*
	cpe:2.3:a:zoom:workplace_desktop::::::linux::*
	cpe:2.3:a:zoom:workplace_desktop::::::macos::*
	cpe:2.3:a:zoom:workplace_desktop::::::windows::*
	cpe:2.3:a:zoom:workplace_virtual_desktop_infrastructure::::::windows::*
	cpe:2.3:a:zoom:workplace_virtual_desktop_infrastructure::::::windows::*

History

20 Aug 2025, 12:36

Type	Values Removed	Values Added
CPE		cpe:2.3:a:zoom:meeting_software_development_kit::::::macos::* cpe:2.3:a:zoom:workplace_desktop::::::windows::* cpe:2.3:a:zoom:meeting_software_development_kit::::::linux::* cpe:2.3:a:zoom:meeting_software_development_kit::::::windows::* cpe:2.3:a:zoom:video_software_development_kit::::::windows::* cpe:2.3:a:zoom:workplace_virtual_desktop_infrastructure::::::windows::* cpe:2.3:a:zoom:video_software_development_kit::::::macos::* cpe:2.3:a:zoom:video_software_development_kit::::::android::* cpe:2.3:a:zoom:workplace_desktop::::::linux::* cpe:2.3:a:zoom:rooms::::::windows::* cpe:2.3:a:zoom:workplace_desktop::::::macos::* cpe:2.3:a:zoom:rooms_controller::::::linux::* cpe:2.3:a:zoom:rooms_controller::::::windows::* cpe:2.3:a:zoom:rooms_controller::::::macos::* cpe:2.3:a:zoom:meeting_software_development_kit::::::android::* cpe:2.3:a:zoom:video_software_development_kit::::::linux::* cpe:2.3:a:zoom:rooms_controller::::::android::* cpe:2.3:a:zoom:workplace::::::android::* cpe:2.3:a:zoom:workplace::::::iphone_os::* cpe:2.3:a:zoom:rooms::::::ipados::* cpe:2.3:a:zoom:meeting_software_development_kit::::::iphone_os::* cpe:2.3:a:zoom:video_software_development_kit::::::iphone_os::* cpe:2.3:a:zoom:rooms::::::macos::*
First Time		Zoom Zoom meeting Software Development Kit Zoom workplace Desktop Zoom video Software Development Kit Zoom workplace Zoom rooms Controller Zoom workplace Virtual Desktop Infrastructure Zoom rooms
Summary		(es) Fuera de los límites la escritura en algunas aplicaciones de Zoom Workplace puede permitir que un usuario autorizado realice una pérdida de integridad a través del acceso a la red.
References	~~() https://www.zoom.com/en/trust/security-bulletin/zsb-25003/ -~~	() https://www.zoom.com/en/trust/security-bulletin/zsb-25003/ - Vendor Advisory

30 Jan 2025, 20:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-01-30 20:15

Updated : 2025-08-20 12:36

NVD link : CVE-2025-0144

Mitre link : CVE-2025-0144

CVE.ORG link : CVE-2025-0144

JSON object : View

Products Affected

zoom

CWE

CWE-787

Out-of-bounds Write

3.1 /10