Null Pointer Dereference in Zoom Workplace Apps for Windows
CVE-2025-30670

6.5MEDIUM

Key Information:

Vendor: Zoom Communications, Inc
Status: Zoom Workplace Apps For Windows
Vendor: CVE Published:; 8 April 2025

🔔 Create Zoom Communications, Inc Vulnerability Alert

What is CVE-2025-30670?

A vulnerability exists in Zoom Workplace Apps for Windows due to a null pointer dereference condition that could allow an authenticated user to exploit the application. This exploit can lead to a denial of service attack via network access, potentially interrupting user operations and service availability. Users are advised to monitor their applications and apply necessary updates to mitigate this security issue.

Affected Version(s)

Zoom Workplace Apps for Windows Windows See references.

References

https://www.zoom.com/en/trust/security-bulletin/zsb-25015

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 8, 2025
Vulnerability Reserved
Mar 24, 2025