Buffer Underflow in Zoom Workplace Apps Allows Privilege Escalation
CVE-2025-27439

8.5HIGH

Key Information:

Vendor
Zoom Communications, Inc
Status
Zoom Workplace Apps
Vendor
CVE Published:
11 March 2025

Summary

A buffer underflow vulnerability has been identified in certain versions of Zoom Workplace Apps that enables an authenticated user to execute a privilege escalation attack via network access. This vulnerability may allow attackers to gain elevated permissions and access sensitive functionalities within the application.

Affected Version(s)

Zoom Workplace Apps iOS See references.

References

https://www.zoom.com/en/trust/security-bulletin/zsb-25011/

CVSS V3.1

Score:
8.5
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2025-27439 : Buffer Underflow in Zoom Workplace Apps Allows Privilege Escalation | SecurityVulnerability.io