Two vulnerabilities were recently discovered in specific Zoom Clients for Windows that could enable attackers to launch Denial of Service (DoS) attacks. The flaws, tracked as CVE-2025-49464 and CVE-2025-46789, were reported by security researcher fre3dm4n and each carries a Medium severity rating with a CVSS score of 6.5. Both stem from a classic buffer overflow in the affected Zoom products, which could allow an authorized user with network access to cause a DoS condition that disrupts service availability. The CVSS vector string for both issues indicates a high impact on availability, while confidentiality and integrity remain unaffected. The potential for disruption is significant for organizations relying on Zoom for communication. The vulnerabilities impact multiple Zoom products for Windows, with slight variations in affected versions between the two CVEs.
Source: https://cybersecuritynews.com/zoom-clients-for-windows-vulnerability/
TPRM report: https://scoringcyber.rankiteo.com/company/zoom
"id": "zoo619070925",
"linkid": "zoom",
"type": "Vulnerability",
"date": "7/2025",
"severity": "25",
"impact": "",
"explanation": "Attack without any consequences: Attack in which data is not compromised"
{'affected_entities': [{'industry': 'Communication Technology',
                        'name': 'Zoom',
                        'type': 'Software Company'}],
 'attack_vector': 'Buffer Overflow',
 'description': 'Two vulnerabilities (CVE-2025-49464 and CVE-2025-46789) '
                'discovered in Zoom Clients for Windows can enable attackers '
                'to launch Denial of Service (DoS) attacks.',
 'impact': {'operational_impact': 'Disruption of Communication Services',
            'systems_affected': ['Zoom Workplace for Windows',
                                 'Zoom Workplace VDI for Windows',
                                 'Zoom Rooms for Windows',
                                 'Zoom Rooms Controller for Windows',
                                 'Zoom Meeting SDK for Windows']},
 'lessons_learned': 'Ensuring that software is up to date is critical in '
                    'safeguarding against potential exploits.',
 'motivation': 'Disruption of Service',
 'post_incident_analysis': {'corrective_actions': 'Apply patches to affected '
                                                  'Zoom products',
                            'root_causes': 'Buffer overflow in Zoom products'},
 'recommendations': 'Stay vigilant about software updates to protect against '
                    'buffer overflow issues.',
 'response': {'remediation_measures': 'Apply the latest patches'},
 'title': 'Zoom Client Vulnerabilities Enable DoS Attacks',
 'type': 'Vulnerability Exploitation',
 'vulnerability_exploited': ['CVE-2025-49464', 'CVE-2025-46789']}