Zoom Workplace Apps for Windows - Null Pointer Dereference

  • ZSB-25015
  • CVE-2025-30670, CVE-2025-30671
  • Medium
  • 6.5
  • CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Null pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access.

 

Users can help keep themselves secure by applying the latest updates available at https://zoom.us/download.

  • Zoom Workplace Desktop App for Windows before version 6.3.10
  • Zoom Workplace VDI Client for Windows before version 6.2.12 (except version 6.1.16)
  • Zoom Rooms Controller for Windows before version 6.4.0
  • Zoom Rooms Client for Windows before version 6.4.0
  • Zoom Meeting SDK for Windows before version 6.3.10

Reported by fre3dm4n.

Revision Date Description
1.3 11/10/2025

Extra CVE ID removed.
1.2 05/14/2025

Updated title.
1.1 04/08/2025

Updated CVSS string.
1.0 04/08/2025

Initial publication.