CVE-2025-46785

6.5 MEDIUM

📋 TL;DR

A buffer over-read vulnerability in Zoom Workplace Apps for Windows allows authenticated users to cause denial of service through network access. This affects Zoom Workplace users on Windows systems with vulnerable versions installed. The vulnerability requires authentication but could disrupt service availability.

💻 Affected Systems

Products:
  • Zoom Workplace Apps
Versions: Specific versions not detailed in reference; check Zoom security bulletin ZSB-25021 for exact affected versions
Operating Systems: Windows
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects Windows versions of Zoom Workplace Apps; requires authenticated user access

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete service disruption of Zoom Workplace applications on affected systems, potentially requiring a system restart to restore functionality.

🟠 Likely Case

Application crashes or instability affecting Zoom Workplace functionality for authenticated users.

🟢 If Mitigated

Minimal impact with proper network segmentation and authentication controls limiting the exploit's scope.

🌐 Internet-Facing: MEDIUM - Requires authenticated access but could be exploited through internet-facing Zoom services.
🏢 Internal Only: MEDIUM - Authenticated internal users could exploit to disrupt Zoom Workplace services.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires authenticated access and network connectivity to the vulnerable system; buffer over-read vulnerabilities typically require specific conditions to trigger.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check Zoom security bulletin ZSB-25021 for patched versions

Vendor Advisory: https://www.zoom.com/en/trust/security-bulletin/zsb-25021

Restart Required: Yes

Instructions:

1. Visit Zoom security bulletin ZSB-25021
2. Identify patched version for your Zoom Workplace Apps
3. Update Zoom Workplace Apps through official update mechanism
4. Restart affected systems after update

🔧 Temporary Workarounds

Network Segmentation (applies to: all)

Restrict network access to Zoom Workplace services to trusted users only.

Authentication Controls (applies to: all)

Implement strict authentication requirements and monitor for suspicious authenticated sessions.

🧯 If You Can't Patch

  • Implement network segmentation to isolate Zoom Workplace systems from untrusted networks
  • Monitor for application crashes or unusual Zoom Workplace behavior indicating potential exploitation

🔍 How to Verify

Check if Vulnerable:

Check Zoom Workplace Apps version against affected versions listed in ZSB-25021 security bulletin

Check Version:

In Zoom Workplace Apps: Help > About or check application properties

Verify Fix Applied:

Verify Zoom Workplace Apps version matches or exceeds patched version from ZSB-25021

📡 Detection & Monitoring

Log Indicators:

  • Zoom Workplace application crashes
  • Unexpected termination of Zoom processes
  • Access violations in application logs

Network Indicators:

  • Unusual network patterns to Zoom services from authenticated users
  • Multiple connection attempts followed by service disruption

SIEM Query:

source="zoom" AND (event="crash" OR event="termination" OR severity="critical")
