Denial of Service Vulnerability in Zoom Workplace Apps
CVE-2025-0149

6.5MEDIUM

Key Information:

Vendor: Zoom Communications, Inc
Status: Zoom Apps
Vendor: CVE Published:; 11 March 2025

🔔 Create Zoom Communications, Inc Vulnerability Alert

What is CVE-2025-0149?

A vulnerability in Zoom Workplace Apps exists due to insufficient verification of data authenticity. This weakness may permit an unauthenticated user to execute a denial of service attack through network access, potentially disrupting service for legitimate users. To mitigate risks, users should ensure their apps are always updated to the latest secure versions.

Affected Version(s)

Zoom Apps Windows See references

References

https://www.zoom.com/en/trust/security-bulletin/zsb-25008/

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 11, 2025
Vulnerability Reserved
Dec 23, 2024