Remote code execution in Zoom apps and SDKs
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2025-27440 |
| CWE-ID | CWE-122 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
Zoom Workplace Desktop App for Windows Client/Desktop applications / Office applications Zoom Workplace Desktop App for macOS Client/Desktop applications / Office applications Zoom Workplace Desktop App for Linux Client/Desktop applications / Office applications Zoom Rooms Controller for Windows Client/Desktop applications / Office applications Zoom Rooms Controller for macOS Client/Desktop applications / Office applications Zoom Rooms Controller for Linux Client/Desktop applications / Office applications Zoom Rooms Client for Windows Client/Desktop applications / Office applications Zoom Rooms Client for macOS Client/Desktop applications / Office applications Zoom Workplace App for iOS Mobile applications / Apps for mobile phones Zoom Workplace App for Android Mobile applications / Apps for mobile phones Zoom Rooms Controller for Android Mobile applications / Apps for mobile phones Zoom Rooms Client for iPad Mobile applications / Apps for mobile phones Zoom Rooms Client for Android Mobile applications / Apps for mobile phones Virtual Desktop Infrastructure (VDI) Server applications / Conferencing, Collaboration and VoIP solutions Zoom Meeting SDK for Windows Universal components / Libraries / Software for developers Zoom Meeting SDK for iOS Universal components / Libraries / Software for developers Zoom Meeting SDK for Android Universal components / Libraries / Software for developers Zoom Meeting SDK for macOS Universal components / Libraries / Software for developers Zoom Meeting SDK for Linux Universal components / Libraries / Software for developers |
| Vendor | Zoom Video Communications, Inc. |
Security Bulletin
This security bulletin contains one high risk vulnerability.
1) Heap-based buffer overflow
EUVDB-ID: #VU105772
Risk: High
CVSSv4.0: 4.8 [CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-27440
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error. A remote attacker can trick the victim into performing certain actions within the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsZoom Workplace Desktop App for Windows: 0.9.10042.0911 - 6.2.11 50939
Zoom Workplace Desktop App for macOS: 4.6.9 19273.0402 - 6.2.11 43613
Zoom Workplace Desktop App for Linux: 5.1.418436.0628 - 6.2.11 5069
Zoom Workplace App for iOS: 4.6.10 20012.0407 - 6.2.11 20262
Zoom Workplace App for Android: 4.6.11 20553.0413 - 6.2.11 25893
Virtual Desktop Infrastructure (VDI): 6.1.0 - 6.2.11.25670
Zoom Rooms Controller for Windows: 6.1.0 - 6.2.5
Zoom Rooms Controller for macOS: 6.1.0 - 6.2.10
Zoom Rooms Controller for Linux: 6.0.0 - 6.2.5
Zoom Rooms Controller for Android: 6.1.0 - 6.2.5
Zoom Rooms Client for Windows: 4.6.5 18374.0407 - 6.2.5
Zoom Rooms Client for macOS: 4.6.5 2040.0406 - 6.2.10
Zoom Rooms Client for iPad: 6.0.0 - 6.2.5
Zoom Meeting SDK for Windows: 5.9.0 - 6.2.11
Zoom Meeting SDK for iOS: 5.9.0 - 6.2.11
Zoom Meeting SDK for Android: 5.9.0 - 6.2.11
Zoom Meeting SDK for macOS: 5.9.0 - 6.2.11
Zoom Meeting SDK for Linux: 5.15.5 - 6.2.11
Zoom Rooms Client for Android: before 6.3.0
CPE2.3- cpe:2.3:a:zoom_video_communications:zoom_client_for_windows:0.9.10042.0911:*:*:*:*:*:*:*
- cpe:2.3:a:zoom_video_communications:zoom_client_for_windows:0.9.10894.0925:*:*:*:*:*:*:*
- cpe:2.3:a:zoom_video_communications:zoom_client_for_windows:0.92.12362.1030:*:*:*:*:*:*:*
- cpe:2.3:a:zoom_video_communications:zoom_client_for_macos:4.6.9:19273.0402:*:*:*:*:*:*
- cpe:2.3:a:zoom_video_communications:zoom_client_for_macos:4.6.11:20561.0413:*:*:*:*:*:*
- cpe:2.3:a:zoom_video_communications:zoom_client_for_macos:4.6.12:20615.0421:*:*:*:*:*:*
- cpe:2.3:a:zoom_video_communications:zoom_client_for_linux:5.1.418436.0628:*:*:*:*:*:*:*
- cpe:2.3:a:zoom_video_communications:zoom_client_for_linux:5.1.422789.0705:*:*:*:*:*:*:*
- cpe:2.3:a:zoom_video_communications:zoom_client_for_linux:5.3.469451.0927:*:*:*:*:*:*:*
- cpe:2.3:a:zoom_video_communications:zoom_client_for_ios:4.6.10:20012.0407:*:*:*:*:*:*
- cpe:2.3:a:zoom_video_communications:zoom_client_for_android:4.6.11:20553.0413:*:*:*:*:*:*
- cpe:2.3:a:zoom_video_communications:vdi:6.1.15.25650:*:*:*:*:*:*:*
- cpe:2.3:a:zoom_video_communications:zoom_rooms_controller_for_windows:6.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:zoom_video_communications:zoom_rooms_controller_for_macos:6.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:zoom_video_communications:zoom_rooms_controller_for_linux:6.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:zoom_video_communications:zoom_rooms_controller_for_android:6.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:zoom_video_communications:zoom_rooms_for_windows:4.6.5:18374.0407:*:*:*:*:*:*
- cpe:2.3:a:zoom_video_communications:zoom_rooms_for_macos:4.6.5:2040.0406:*:*:*:*:*:*
- cpe:2.3:a:zoom_video_communications:zoom_rooms_client_for_ipad:6.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:zoom_video_communications:zoom_meeting_sdk_for_windows:5.9.0:*:*:*:*:*:*:*
- cpe:2.3:a:zoom_video_communications:zoom_meeting_sdk_for_ios:5.9.0:*:*:*:*:*:*:*
- cpe:2.3:a:zoom_video_communications:zoom_meeting_sdk_for_android:5.9.0:*:*:*:*:*:*:*
- cpe:2.3:a:zoom_video_communications:zoom_meeting_sdk_for_macos:5.9.0:*:*:*:*:*:*:*
- cpe:2.3:a:zoom_video_communications:zoom_meeting_sdk_for_linux:5.15.5:*:*:*:*:*:*:*
- cpe:2.3:a:zoom_video_communications:zoom_rooms_client_for_android:*:*:*:*:*:*:*:*
https://www.zoom.com/en/trust/security-bulletin/zsb-25011/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
