Zoom Workplace Apps - Heap-based Buffer Overflow
- ZSB-25012
- CVE-2025-27440
- High
- 8.5
- CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
Heap overflow in some Zoom Workplace Apps may allow an authenticated user to conduct an escalation of privilege via network access.
Users can help keep themselves secure by applying the latest updates available at https://zoom.us/download.
- Zoom Workplace Desktop App for Windows before version 6.3.0
- Zoom Workplace Desktop App for macOS before version 6.3.0
- Zoom Workplace Desktop App for Linux before version 6.3.0
- Zoom Workplace App for iOS before version 6.3.0
- Zoom Workplace App for Android before version 6.3.0
- Zoom Workplace VDI Client for Windows before version 6.2.12 (except version 6.1.16)
- Zoom Rooms Controller for Windows before version 6.3.0
- Zoom Rooms Controller for macOS before version 6.3.0
- Zoom Rooms Controller for Linux before version 6.3.0
- Zoom Rooms Controller for Android before version 6.3.0
- Zoom Rooms Client for Windows before version 6.3.0
- Zoom Rooms Client for macOS before version 6.3.0
- Zoom Rooms Client for Android before version 6.3.0
- Zoom Rooms Client for iPad before version 6.3.0
- Zoom Meeting SDK for Windows before version 6.3.0
- Zoom Meeting SDK for iOS before version 6.3.0
- Zoom Meeting SDK for Android before version 6.3.0
- Zoom Meeting SDK for macOS before version 6.3.0
- Zoom Meeting SDK for Linux before version 6.3.0
Reported by Zoom Offensive Security
| Revision | Date | Description |
|---|---|---|
| 1.1 | 03/21/2025 | Added "Workplace" to the title. |
| 1.0 | 03/11/2025 | Initial publication. |