Denial of Service Vulnerability in Zoom Workplace Apps and SDKs
CVE-2024-27246

4.3MEDIUM

Key Information:

Vendor: Zoom Communications, Inc
Status: Zoom Workplace Apps And Sdks
Vendor: CVE Published:; 25 February 2025

Summary

A use after free vulnerability in various Zoom Workplace Apps and SDKs may enable an authenticated user to launch a denial of service attack through network access. This could potentially disrupt service availability for other users, highlighting the need for immediate security assessments and remediation.

Affected Version(s)

Zoom Workplace Apps and SDKs MacOS See references

References

https://www.zoom.com/en/trust/security-bulletin/zsb-24017/

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 25, 2025
Vulnerability Reserved
Feb 21, 2024