Buffer Underflow in Zoom Workplace Apps Allows Privilege Escalation
CVE-2025-27439

8.5HIGH

Key Information:

Vendor: Zoom Communications, Inc
Status: Zoom Workplace Apps
Vendor: CVE Published:; 11 March 2025

🔔 Create Zoom Communications, Inc Vulnerability Alert

Badges

📰 News Worthy

What is CVE-2025-27439?

A buffer underflow vulnerability has been identified in certain versions of Zoom Workplace Apps that enables an authenticated user to execute a privilege escalation attack via network access. This vulnerability may allow attackers to gain elevated permissions and access sensitive functionalities within the application.

Affected Version(s)

Zoom Workplace Apps iOS See references.

News Articles

The Cyber Express

CVE-2025-0151 CVE-2025-27439

Multiple Zoom Vulnerabilities Detected In Products

Zoom Vulnerabilities, including CVE-2025-27440 and CVE-2025-27439, have been addressed with critical patches.

References

https://www.zoom.com/en/trust/security-bulletin/zsb-25011/

CVSS V3.1

Score:

8.5

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

📰
First article discovered by The Cyber Express
Mar 13, 2025
Vulnerability published
Mar 11, 2025
Vulnerability Reserved
Feb 25, 2025