CVE-2025-0147

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Jan 30, 2025

CWE ID 843

Summary

CVE-2025-0147 is a type confusion vulnerability affecting the Zoom Workplace App for Linux prior to version 6.2.10. This issue enables an authorized user to potentially escalate their privileges via network access, granting them higher levels of access and control within the application. Type confusion occurs when a program fails to correctly handle data types, leading to unintended code execution and possible privilege escalation. Users are urged to update their Zoom Workplace App to the latest version to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Video SDK

Affected Vendors

Zoom Video Communications, Inc

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/2dcxvM
https://www.cve.org/CVERecord?id=CVE-2025-0147
https://nvd.nist.gov/vuln/detail/CVE-2025-0147

Back to Vulnerability Database