Buffer Overflow Vulnerability in Zoom Workplace Apps and SDKs
CVE-2024-27245

4.3MEDIUM

Key Information:

Vendor: Zoom Communications, Inc
Status: Zoom Workplace Apps And Sdks
Vendor: CVE Published:; 25 February 2025

Summary

A buffer overflow vulnerability exists in certain Zoom Workplace Apps and SDKs, which could be exploited by an authenticated user to cause a denial of service. This attack vector leverages network access, potentially leading to service disruptions and impaired application functionality. Users are advised to monitor their systems and apply available patches to mitigate the risk associated with this vulnerability.

Affected Version(s)

Zoom Workplace Apps and SDKs MacOS See references

References

https://www.zoom.com/en/trust/security-bulletin/zsb-24016/

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 25, 2025
Vulnerability Reserved
Feb 21, 2024