Denial of Service Flaw in Zoom Workplace Apps for Windows
CVE-2025-30666

6.5MEDIUM

Key Information:

Vendor: Zoom Communications, Inc
Status: Zoom Workplace Apps For Windows
Vendor: CVE Published:; 14 May 2025

🔔 Create Zoom Communications, Inc Vulnerability Alert

What is CVE-2025-30666?

A vulnerability exists in the Zoom Workplace Apps for Windows that allows an authenticated user to perform a denial of service attack through network access due to a NULL pointer dereference. This weakness can disrupt the application’s normal functioning, highlighting the importance of keeping apps up-to-date to mitigate potential risks.

Affected Version(s)

Zoom Workplace Apps for Windows Windows see references

References

https://www.zoom.com/en/trust/security-bulletin/zsb-25018

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 14, 2025
Vulnerability Reserved
Mar 24, 2025