Summary
Multiple high-severity vulnerabilities have been identified in Zoom applications, including Zoom Workplace, Rooms Controller, Rooms Client, and the Meeting SDK, that could expose sensitive data.
The most critical flaws, patched in Zoom's March 11, 2025, security bulletin, include CVE-2025-27440 (heap-based buffer overflow), CVE-2025-27439 (buffer underflow), CVE-2025-0151 (use-after-free), and CVE-2025-0150 (incorrect behavior order in iOS Workplace apps).
All are rated high severity, with CVSS scores ranging from 7.1 to 8.5.
| OEM | Zoom |
| --- | --- |
| Severity | High |
| CVSS | 8.5 |
| CVEs | CVE-2025-27440, CVE-2025-27439, CVE-2025-0151, CVE-2025-0150, CVE-2025-0149 |
| Public PoC Available | No |
| Patch/Remediation Available | Yes |
| Advisory Version | 1.0 |
Overview
These vulnerabilities could allow attackers to escalate privileges, execute arbitrary code, or cause denial of service (DoS). Zoom has released patches addressing these issues in version 6.3.0.
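A quick way to find installed Zoom clients still below the 6.3.0 fixed version named above, as an added example that is not part of this advisory or of Zoom's own tooling. It assumes 6.3.0 is the fixed version for every affected product (confirm per product against Zoom's bulletin) and runs over a constructed inventory of hosts and version strings.

```python
import re

# Added example (not Zoom's tooling). Fixed version as stated in the advisory;
# assumed here to apply to every affected product. Confirm against Zoom's bulletin.
FIXED_VERSION = (6, 3, 0)
ADVISORY_CVES = ("CVE-2025-27440", "CVE-2025-27439", "CVE-2025-0151",
                 "CVE-2025-0150", "CVE-2025-0149")
_VERSION_RE = re.compile(r"^\s*(\d+)\.(\d+)\.(\d+)")


def parse_version(text):
    """Parse the leading major.minor.patch of a Zoom version string.

    Zoom shows versions like '6.2.11 (1234)'; the build in parentheses is
    ignored. Returns a tuple of ints, or None if unparseable. Tuples compare
    component-wise, so 6.10.0 correctly sorts above 6.3.0, which a naive
    string comparison would get wrong.
    """
    m = _VERSION_RE.match(text or "")
    return tuple(int(g) for g in m.groups()) if m else None


def is_vulnerable(version_text, fixed=FIXED_VERSION):
    """True if the version is below the fixed version; unparseable versions
    count as vulnerable so they surface for manual review."""
    parsed = parse_version(version_text)
    return parsed is None or parsed < fixed


def triage_inventory(inventory):
    """Return [(host, version)] for records still needing the 6.3.0 update."""
    return [(host, ver) for host, ver in inventory if is_vulnerable(ver)]


# Constructed sample inventory (host, reported Zoom version); not real data.
SAMPLE_INVENTORY = [
    ("laptop-01", "6.2.11 (1234)"),  # below 6.3.0: needs update
    ("laptop-02", "6.3.0 (1235)"),   # at the fixed version
    ("laptop-03", "6.10.1"),         # above 6.3.0 even though '1' < '3' as text
    ("kiosk-04", "unknown"),         # unparseable: flagged for review
]

if __name__ == "__main__":
    for host, ver in triage_inventory(SAMPLE_INVENTORY):
        print(f"{host}: {ver} -> {', '.join(ADVISORY_CVES)}")
```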
| Vulnerability Name | CVE ID | Product Affected | Severity | CVSS Score |
| --- | --- | --- | --- | --- |
| Heap-Based Buffer Overflow Vulnerability | CVE-2025-27440 | Zoom | High | 8.5 |
| Buffer Underflow Vulnerability | CVE-2025-27439 | Zoom | High | 8.5 |
| Use-After-Free Vulnerability | CVE-2025-0151 | Zoom | High | 8.5 |
| Incorrect Behavior Order Vulnerability | CVE-2025-0150 | Zoom | High | 7.1 |
| Insufficient Data Verification Vulnerability | CVE-2025-0149 | Zoom | Medium | 6.5 |
Technical Summary
These vulnerabilities could be exploited to gain unauthorized access, execute arbitrary code, or disrupt services through privilege escalation and memory corruption techniques. Exploitation requires authentication and network access, posing a risk to enterprise users.
| CVE ID | System Affected | Vulnerability Details | Impact |
| --- | --- | --- | --- |
| CVE-2025-27440 | Zoom Workplace Apps (Windows, macOS, and Linux, as well as mobile apps for iOS and Android) | Heap-based buffer overflow, allowing attackers to inject malicious code | Privilege Escalation |
| CVE-2025-27439 | Zoom Workplace Apps | Buffer underflow, leading to unexpected crashes or data leakage | Denial of Service, Data Exposure |
| CVE-2025-0151 | Zoom Workplace Apps | Use-after-free issue leading to memory corruption and arbitrary code execution | Privilege Escalation |
| CVE-2025-0150 | Zoom Workplace Apps (iOS) | Incorrect behavior order allowing unauthorized access to authentication tokens | Information Disclosure |
| CVE-2025-0149 | Zoom Workplace Apps | Insufficient verification of data authenticity, allowing malformed network packets to bypass security checks | Denial of Service |
Remediation:
Conclusion:
The recent vulnerabilities in Zoom highlight the ongoing challenges in securing widely used communication platforms. While Zoom has acted swiftly in providing patches, the recurrence of memory corruption and input validation flaws suggests architectural challenges.
Organizations should maintain a proactive security stance, ensuring timely updates and implementing stringent controls to safeguard sensitive data.
Organizations must treat Zoom not as a neutral utility but as a high-risk vector requiring stringent controls.
References: