Buffer Underflow in Zoom Workplace Apps Allows Privilege Escalation
CVE-2025-27439

8.5HIGH

Key Information:

Vendor

Zoom Communications, Inc

Status
Zoom Workplace Apps
Vendor
CVE Published:
11 March 2025

Badges

📰 News Worthy

What is CVE-2025-27439?

A buffer underflow vulnerability has been identified in certain versions of Zoom Workplace Apps that enables an authenticated user to execute a privilege escalation attack via network access. This vulnerability may allow attackers to gain elevated permissions and access sensitive functionalities within the application.

Affected Version(s)

Zoom Workplace Apps iOS See references.

News Articles

favicon imageThe Cyber Express

Multiple Zoom Vulnerabilities Detected In Products

Zoom Vulnerabilities, including CVE-2025-27440 and CVE-2025-27439, have been addressed with critical patches.

References

https://www.zoom.com/en/trust/security-bulletin/zsb-25011/

CVSS V3.1

Score:
8.5
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Changed

Timeline

  • 📰

    First article discovered by The Cyber Express

  • Vulnerability published

  • Vulnerability Reserved

JSON
.
CVE-2025-27439 : Buffer Underflow in Zoom Workplace Apps Allows Privilege Escalation