CVE-2025-30665 – A NULL pointer dereference vulnerability in Zoo... (How to Fix)

Q: What is the severity of CVE-2025-30665?

CVE-2025-30665 has a CVSS score of 6.5 (MEDIUM). A NULL pointer dereference vulnerability in Zoom Workplace Apps for Windows allows authenticated users to cause a denial of service through network access. This affects Zoom Workplace users on Windows systems where the vulnerable software is installed. The vulnerability requires authentication but can be exploited remotely.

📋 TL;DR

A NULL pointer dereference vulnerability in Zoom Workplace Apps for Windows allows authenticated users to cause a denial of service through network access. This affects Zoom Workplace users on Windows systems where the vulnerable software is installed. The vulnerability requires authentication but can be exploited remotely.

💻 Affected Systems

Products:

Zoom Workplace Apps for Windows

Versions: Specific versions not detailed in reference; check Zoom advisory ZSB-25018

Operating Systems: Windows

Default Config Vulnerable: ⚠️ Yes

Notes: Only affects Windows versions of Zoom Workplace Apps. Requires user authentication.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete service disruption of Zoom Workplace applications on affected systems, requiring restart or reinstallation.

🟠

Likely Case

Application crash affecting individual user sessions, disrupting meetings and collaboration features.

🟢

If Mitigated

Minimal impact with proper network segmentation and authentication controls limiting exploit surface.

🌐 Internet-Facing: MEDIUM - Requires authenticated access but can be exploited remotely via network.

🏢 Internal Only: MEDIUM - Authenticated internal users could disrupt Zoom services for themselves or others.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: LOW

NULL pointer dereference typically requires specific conditions to trigger but is straightforward once identified.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check Zoom advisory ZSB-25018 for specific patched versions

Vendor Advisory: https://www.zoom.com/en/trust/security-bulletin/zsb-25018

Restart Required: Yes

Instructions:

1. Visit Zoom's security bulletin ZSB-25018. 2. Download and install the latest patched version of Zoom Workplace Apps for Windows. 3. Restart the application and system if prompted.

🔧 Temporary Workarounds

Network Segmentation

all

Restrict network access to Zoom applications to trusted users only

Authentication Controls

all

Implement strong authentication mechanisms to limit potential attackers

🧯 If You Can't Patch

Implement strict network access controls to limit who can communicate with Zoom applications
Monitor for abnormal application crashes and investigate potential exploitation attempts

🔍 How to Verify

Check if Vulnerable:

Check Zoom application version against vulnerable versions listed in ZSB-25018 advisory

Check Version:

In Zoom app: Help > About Zoom (shows version number)

Verify Fix Applied:

Verify Zoom application version matches or exceeds patched version from ZSB-25018

📡 Detection & Monitoring

Log Indicators:

Unexpected Zoom application crashes
Access logs showing repeated authentication attempts

Network Indicators:

Unusual network traffic patterns to Zoom application ports
Multiple connection attempts from single sources

SIEM Query:

source="zoom" AND (event="crash" OR event="exception")

📊 Metadata

CVE ID: CVE-2025-30665

CVSS v3 Score: 6.5 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-476

EPSS Score: 0.11% exploit probability (29.4th percentile)

Published: May 14, 2025

Last Updated: August 5, 2025

🔗 References

https://www.zoom.com/en/trust/security-bulletin/zsb-25018 Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-30665, you might also want to check these:

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Meeting Software Development Kit by Zoom

Rooms by Zoom

Rooms Controller by Zoom

Workplace Desktop by Zoom

Workplace Virtual Desktop Infrastructure by Zoom

Workplace Virtual Desktop Infrastructure by Zoom

Workplace Virtual Desktop Infrastructure by Zoom

⚠️ Risk & Real-World Impact

Worst Case

Likely Case

If Mitigated

🎯 Exploit Status

🛠️ Fix & Mitigation

✅ Official Fix

Instructions:

🔧 Temporary Workarounds

Network Segmentation

Authentication Controls

🧯 If You Can't Patch

🔍 How to Verify

Check if Vulnerable:

Check Version:

Verify Fix Applied:

📡 Detection & Monitoring

Log Indicators:

Network Indicators:

SIEM Query:

📊 Metadata

🔗 References

📤 Share & Export

🔗 Related Vulnerabilities