Buffer Over-Read Vulnerability in Zoom Workplace Apps for Windows
CVE-2025-46785

6.5MEDIUM

Key Information:

Vendor: Zoom Communications, Inc
Status: Zoom Workplace Apps
Vendor: CVE Published:; 14 May 2025

🔔 Create Zoom Communications, Inc Vulnerability Alert

What is CVE-2025-46785?

A buffer over-read vulnerability in certain Zoom Workplace Apps for Windows can potentially allow authenticated users to exploit the issue, resulting in a denial of service through network access. Users are advised to stay informed about this vulnerability to mitigate potential risks related to service disruptions.

Affected Version(s)

Zoom Workplace Apps Windows see references

References

https://www.zoom.com/en/trust/security-bulletin/zsb-25021

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 14, 2025
Vulnerability Reserved
Apr 29, 2025