mickmick.net

Zoom Products Multiple Vulnerabilities

Release Date: 16 Jan 2025

RISK: Medium Risk

TYPE: Clients - Productivity Products

Multiple vulnerabilities were identified in Zoom Products. A remote attacker could exploit these vulnerabilities to trigger denial of service condition, data manipulation, elevation of privilege and sensitive information disclosure on the targeted system.

---

Impact

• Denial of Service
• Elevation of Privilege
• Information Disclosure
• Data Manipulation

---

System / Technologies affected

• Zoom Jenkins bot plugin before version 1.6
• Zoom Meeting SDK for Android before version 6.2.5
• Zoom Meeting SDK for iOS before version 6.2.5
• Zoom Meeting SDK for Linux before version 6.2.10
• Zoom Meeting SDK for macOS before version 6.2.10
• Zoom Meeting SDK for Windows before version 6.2.5
• Zoom Rooms Client for iPad before version 6.2.5
• Zoom Rooms Client for macOS before version 6.2.10
• Zoom Rooms Client for Windows before version 6.2.5
• Zoom Rooms Controller for Android before version 6.2.5
• Zoom Rooms Controller for Linux before version 6.2.5
• Zoom Rooms Controller for macOS before version 6.2.10
• Zoom Rooms Controller for Windows before version 6.2.5
• Zoom Video SDK for Android before version 6.2.5
• Zoom Video SDK for iOS before version 6.2.5
• Zoom Video SDK for Linux before version 6.2.10
• Zoom Video SDK for macOS before version 6.2.10
• Zoom Video SDK for Windows before version 6.2.5
• Zoom Workplace App for Android before version 6.2.5
• Zoom Workplace App for iOS before version 6.2.5
• Zoom Workplace App for Linux before version 6.2.10
• Zoom Workplace App for macOS before version 6.2.10
• Zoom Workplace App for Windows before version 6.2.5
• Zoom Workplace VDI Client for Windows before version 6.1.13 (except 6.0.15)

---

Solutions

Before installation of the software, please visit the vendor web-site for more details.

Apply fixes issued by the vendor:

 

• https://www.zoom.com/en/trust/security-bulletin/zsb-25001
• https://www.zoom.com/en/trust/security-bulletin/zsb-25002
• https://www.zoom.com/en/trust/security-bulletin/zsb-25003
• https://www.zoom.com/en/trust/security-bulletin/zsb-25004
• https://www.zoom.com/en/trust/security-bulletin/zsb-25005
• https://www.zoom.com/en/trust/security-bulletin/zsb-25006

---

Vulnerability Identifier

• CVE-2025-0142
• CVE-2025-0143
• CVE-2025-0144
• CVE-2025-0145
• CVE-2025-0146
• CVE-2025-0147

---

Source

• Zoom

---

Related Link

• https://www.zoom.com/en/trust/security-bulletin/zsb-25001
• https://www.zoom.com/en/trust/security-bulletin/zsb-25002
• https://www.zoom.com/en/trust/security-bulletin/zsb-25003
• https://www.zoom.com/en/trust/security-bulletin/zsb-25004
• https://www.zoom.com/en/trust/security-bulletin/zsb-25005
• https://www.zoom.com/en/trust/security-bulletin/zsb-25006