cbcvebase.
CVE-2025-0144
published 2025-01-30

CVE-2025-0144: Out-of-bounds write in some Zoom Workplace Apps may allow an authorized user to conduct a loss of integrity via network access.

PriorityP338medium6.5CVSS 3.1
AVNACLPRLUINSUCNIHAN
EPSS
0.33%
24.8th percentile
Out-of-bounds write in some Zoom Workplace Apps may allow an authorized user to conduct a loss of integrity via network access.

Affected

9 ranges
VendorProductVersion rangeFixed in
zoommeeting_software_development_kit< 6.2.56.2.5
zoomrooms< 6.2.56.2.5
zoomrooms_controller< 6.2.56.2.5
zoomvideo_software_development_kit< 6.2.56.2.5
zoomworkplace< 6.2.56.2.5
zoomworkplace_desktop< 6.2.56.2.5
zoomworkplace_virtual_desktop_infrastructure< 6.0.156.0.15
zoomworkplace_virtual_desktop_infrastructure>= 6.0.16 < 6.1.136.1.13
zoom_communications_inczoom_workplace_apps
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.