CVE-2025-0151

8.5 HIGH

📋 TL;DR

This CVE describes a use-after-free vulnerability in Zoom Workplace Apps that allows authenticated users to escalate privileges through network access. The vulnerability affects users of Zoom Workplace applications who have network connectivity to vulnerable systems. Attackers could potentially gain elevated privileges on affected systems.

💻 Affected Systems

Products:
  • Zoom Workplace Apps
Versions: Specific versions not detailed in reference; check Zoom advisory ZSB-25010 for exact affected versions
Operating Systems: Windows, macOS, Linux, Mobile platforms
Default Config Vulnerable: ⚠️ Yes
Notes: Requires authenticated user access and network connectivity to vulnerable systems

⚠️ Risk & Real-World Impact

🔴 Worst Case

An authenticated attacker could gain administrative privileges on the system, potentially leading to complete system compromise, data exfiltration, or lateral movement within the network.

🟠 Likely Case

An authenticated user could elevate their privileges beyond their intended level, potentially accessing sensitive data or performing unauthorized administrative actions.

🟢 If Mitigated

With proper network segmentation and least privilege access controls, the impact would be limited to the specific application scope rather than full system compromise.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires authenticated access and knowledge of the vulnerability; exploitation likely requires an understanding of memory corruption techniques.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check Zoom advisory ZSB-25010 for patched versions

Vendor Advisory: https://www.zoom.com/en/trust/security-bulletin/zsb-25010/

Restart Required: No

Instructions:

1. Visit the Zoom security advisory ZSB-25010.
2. Identify affected versions.
3. Update Zoom Workplace Apps to the latest patched version.
4. Verify the update completed successfully.

🔧 Temporary Workarounds

Network Segmentation (platforms: all)

Restrict network access to Zoom Workplace Apps to only trusted users and networks.

Least Privilege Access (platforms: all)

Implement strict access controls to limit authenticated users to the minimum necessary privileges.

🧯 If You Can't Patch

  • Implement strict network segmentation to isolate vulnerable systems
  • Apply principle of least privilege to all user accounts accessing Zoom Workplace Apps

🔍 How to Verify

Check if Vulnerable:

Check Zoom Workplace App version against affected versions listed in ZSB-25010 advisory

Check Version:

In Zoom Workplace App: Settings > About > Version

Verify Fix Applied:

Verify Zoom Workplace App version is updated to patched version specified in ZSB-25010

📡 Detection & Monitoring

Log Indicators:

  • Unusual privilege escalation attempts
  • Multiple failed authentication attempts followed by successful privileged access
  • Abnormal process creation by Zoom applications

Network Indicators:

  • Unusual network traffic patterns to/from Zoom applications
  • Suspicious authentication requests

SIEM Query:

source="zoom" AND (event_type="privilege_escalation" OR event_type="authentication_failure")
