Denial of Service Vulnerability in Zoom Workplace Clients
CVE-2025-49460

4.3MEDIUM

Key Information:

Vendor: Zoom Communications, Inc
Status: Zoom Workplace Clients
Vendor: CVE Published:; 9 September 2025

🔔 Create Zoom Communications, Inc Vulnerability Alert

What is CVE-2025-49460?

A vulnerability in certain Zoom Workplace Clients allows unauthenticated users to exploit uncontrolled resource consumption, potentially leading to service disruptions. This issue can be triggered through network access, making it crucial for users to apply patches provided by Zoom to mitigate the risk of denial of service attacks.

Affected Version(s)

Zoom Workplace Clients Windows 0

References

https://www.zoom.com/en/trust/security-bulletin/ZSB-25033

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 9, 2025
Vulnerability Reserved
Jun 4, 2025