CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
CVE-2025-0151: Zoom Apps - Use After Free
8.5
CVSS
Description
Use after free in some Zoom Workplace Apps may allow an authenticated user to conduct an escalation of privilege via network access.
Classification
CVE ID: CVE-2025-0151
CVSS Base Severity: HIGH
CVSS Base Score: 8.5
CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
Problem Types
CWE-416 Use After FreeAffected Products
Vendor: Zoom Communications, Inc
Product: Zoom Workplace Apps
Exploit Prediction Scoring System (EPSS)
EPSS Score: 0.04% (probability of being exploited)
EPSS Percentile: 10.14% (scored less or equal to compared to others)
EPSS Date: 2025-04-09 (when was this score calculated)
Stakeholder-Specific Vulnerability Categorization (SSVC)
SSVC Exploitation: none
SSVC Technical Impact: total
SSVC Automatable: false
References
https://nvd.nist.gov/vuln/detail/CVE-2025-0151https://www.zoom.com/en/trust/security-bulletin/zsb-25010/