
CVE-2025-27440

Severity: High
Published: 11 March 2025
Modified: 22 October 2025
CVSS Score: 8.5 (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H)
EPSS Score: 0.0063 (70.3rd percentile)
Risk Priority: 17 (weighting: 60% EPSS · 20% KEV · 20% CVSS)

Description

Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.

Security Summary

CVE-2025-27440 is a heap overflow vulnerability (CWE-124) affecting some Zoom Workplace Apps. Published on March 11, 2025, it carries a CVSS v3.1 base score of 8.5 (AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H), indicating high severity due to its potential for significant impact across confidentiality, integrity, and availability when successfully exploited.

An authenticated user with low privileges (PR:L) can exploit this vulnerability over the network (AV:N); it requires high attack complexity (AC:H) but no user interaction (UI:N). Successful exploitation enables escalation of privilege, and the changed scope (S:C) means the impact extends beyond the vulnerable component itself, allowing the attacker to achieve high-impact outcomes, including unauthorized access to sensitive data, modification of system resources, and disruption of services.

Zoom's security bulletin at https://www.zoom.com/en/trust/security-bulletin/zsb-25011/ provides details on mitigation, including available patches for affected Zoom Workplace Apps. Security practitioners should consult this advisory for version-specific remediation steps and apply updates promptly to prevent exploitation.

Details

CWE(s)
CWE-124 (Buffer Underwrite, also known as Buffer Underflow)

Affected Products

Zoom Meeting Software Development Kit: ≤ 6.3.0 · ≤ 6.3.0 · ≤ 6.3.0
Zoom Rooms: ≤ 6.3.0 · ≤ 6.3.0 · ≤ 6.3.0
Zoom Rooms Controller: ≤ 6.3.0 · ≤ 6.3.0 · ≤ 6.3.0
Zoom Workplace: ≤ 6.3.0 · ≤ 6.3.0
Zoom Workplace Desktop: ≤ 6.3.0 · ≤ 6.3.0 · ≤ 6.3.0
Zoom Workplace Virtual Desktop Infrastructure: ≤ 6.1.16 · 6.1.17 to 6.2.12

MITRE ATT&CK Enterprise Techniques

T1068 Exploitation for Privilege Escalation (tactic: Privilege Escalation)
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

The heap overflow vulnerability explicitly enables privilege escalation for an authenticated low-privileged user, directly mapping to T1068 Exploitation for Privilege Escalation.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0
