Skip to main content

Workplace Desktop CVE-2025-0144

LOW
Out-of-bounds Write (CWE-787)
2025-01-30 security@zoom.us
Buffer Overflow Memory Corruption Workplace Desktop Meeting Software Development Kit Video Software Development Kit Rooms Rooms Controller Workplace Workplace Virtual Desktop Infrastructure
3.1
CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
Attack Vector
Network
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
Low
Availability
None

Lifecycle Timeline

2
Analysis Generated
Mar 28, 2026 - 18:06 vuln.today
CVE Published
Jan 30, 2025 - 20:15 nvd
LOW 3.1

DescriptionNVD

Out-of-bounds write in some Zoom Workplace Apps may allow an authorized user to conduct a loss of integrity via network access.

AnalysisAI

Out-of-bounds write in some Zoom Workplace Apps may allow an authorized user to conduct a loss of integrity via network access. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Out-of-bounds Write (CWE-787), which allows attackers to write data beyond allocated buffer boundaries leading to code execution or crashes. Out-of-bounds write in some Zoom Workplace Apps may allow an authorized user to conduct a loss of integrity via network access. Affected products include: Zoom Meeting Software Development Kit, Zoom Rooms, Zoom Rooms Controller, Zoom Video Software Development Kit, Zoom Workplace.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Validate write boundaries, use memory-safe languages, enable compiler protections (ASLR, stack canaries).

Share

CVE-2025-0144 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy