Cyber Posture

CVE-2025-27439

Severity: High
Published: 11 March 2025
Modified: 22 October 2025
KEV Added: (none listed)
Patch: (none listed)
CVSS Score: 8.5 (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H)
EPSS Score: 0.0050 (66.2 percentile)
Risk Priority: 17 (weighting: 60% EPSS · 20% KEV · 20% CVSS)

Description

Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.

Security Summary

CVE-2025-27439 is a buffer underflow vulnerability, classified under CWE-124, affecting some Zoom Workplace Apps. Published on 2025-03-11, it carries a CVSS v3.1 base score of 8.5 (AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H). The issue may enable an authenticated user to achieve an escalation of privilege through network access.

An attacker with low privileges (PR:L), such as an authenticated user on the network, can exploit this vulnerability remotely (AV:N). Exploitation requires high attack complexity (AC:H) but no user interaction (UI:N), resulting in a scope change (S:C) with high impacts to confidentiality, integrity, and availability (C:H/I:H/A:H). Successful attacks allow privilege escalation within the affected Zoom Workplace Apps.

Mitigation details are provided in the Zoom security bulletin ZSB-25011, available at https://www.zoom.com/en/trust/security-bulletin/zsb-25011/. Security practitioners should consult this advisory for patching instructions and recommended actions.

Details

CWE(s): CWE-124

Affected Products

zoom meeting software development kit: ≤ 6.3.0 · ≤ 6.3.0 · ≤ 6.3.0
zoom rooms: ≤ 6.3.0 · ≤ 6.3.0 · ≤ 6.3.0
zoom rooms controller: ≤ 6.3.0 · ≤ 6.3.0 · ≤ 6.3.0
zoom workplace: ≤ 6.3.0 · ≤ 6.3.0
zoom workplace desktop: ≤ 6.3.0 · ≤ 6.3.0 · ≤ 6.3.0
zoom workplace virtual desktop infrastructure: ≤ 6.1.16 · 6.1.17 through 6.2.12

MITRE ATT&CK Enterprise Techniques

T1068 Exploitation for Privilege Escalation (tactic: Privilege Escalation)
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

The buffer underflow vulnerability directly enables remote exploitation by authenticated users to achieve privilege escalation on the affected Zoom apps.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0
