CVE-2025-0147

Type confusion in the Zoom Workplace App for Linux before 6.2.10 may allow an authorized user to conduct an escalation of privilege via network access.
Type Confusion
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.8 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
ZoomCNA
8.8 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 27%
VendorProductVersion
zoommeeting_software_development_kit
𝑥
< 6.2.10
zoomvideo_software_development_kit
𝑥
< 6.2.10
zoomworkplace_desktop
𝑥
< 6.2.10
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.zoom.com/en/trust/security-bulletin/zsb-25006/