CVE-2025-0143
MEDIUMCVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Lifecycle Timeline
2Tags
Description
Out-of-bounds write in the Zoom Workplace App for Linux before version 6.2.5 may allow an unauthorized user to conduct a denial of service via network access.
Analysis
Out-of-bounds write in the Zoom Workplace App for Linux before version 6.2.5 may allow an unauthorized user to conduct a denial of service via network access. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Technical Context
This vulnerability is classified as Out-of-bounds Write (CWE-787), which allows attackers to write data beyond allocated buffer boundaries leading to code execution or crashes. Out-of-bounds write in the Zoom Workplace App for Linux before version 6.2.5 may allow an unauthorized user to conduct a denial of service via network access. Affected products include: Zoom Meeting Software Development Kit, Zoom Video Software Development Kit, Zoom Workplace Desktop. Version information: version 6.2.5.
Affected Products
Zoom Meeting Software Development Kit, Zoom Video Software Development Kit, Zoom Workplace Desktop.
Remediation
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Validate write boundaries, use memory-safe languages, enable compiler protections (ASLR, stack canaries).
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today