Insecure default variable initialization in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a loss of integrity via local access.
Metrics
Affected Vendors & Products
| Vendors | Products |
|---|---|
| Zoom |
|
Configuration 1 [-]
|
No data.
References
| Link | Providers |
|---|---|
| https://www.zoom.com/en/trust/security-bulletin/zsb-25014 |
|
History
Fri, 01 Aug 2025 19:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Zoom
Zoom meeting Software Development Kit Zoom rooms Zoom rooms Controller Zoom workplace Desktop |
|
| CPEs | cpe:2.3:a:zoom:meeting_software_development_kit:*:*:*:*:*:windows:*:* cpe:2.3:a:zoom:rooms:*:*:*:*:*:windows:*:* cpe:2.3:a:zoom:rooms_controller:*:*:*:*:*:windows:*:* cpe:2.3:a:zoom:workplace_desktop:*:*:*:*:*:windows:*:* |
|
| Vendors & Products |
Zoom
Zoom meeting Software Development Kit Zoom rooms Zoom rooms Controller Zoom workplace Desktop |
Tue, 08 Apr 2025 21:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Tue, 08 Apr 2025 16:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Insecure default variable initialization in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a loss of integrity via local access. | |
| Title | Zoom Workplace Apps for Windows - Insecure Default Variable Initialization | |
| Weaknesses | CWE-1188 | |
| References |
| |
| Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: Zoom
Published: 2025-04-08T16:16:38.148Z
Updated: 2025-04-08T20:32:12.324Z
Reserved: 2025-02-25T18:35:04.401Z
Link: CVE-2025-27443
Vulnrichment
Updated: 2025-04-08T20:32:08.556Z
NVD
Status : Analyzed
Published: 2025-04-08T17:15:38.113
Modified: 2025-08-01T19:02:03.573
Link: CVE-2025-27443
Redhat
No data.