Zoom Windows App Flaw Exposes Users to DoS Attacks

Two newly discovered vulnerabilities in certain Zoom Clients for Windows could allow attackers to carry out Denial of Service (DoS) attacks. 

The security flaws, identified as CVE-2025-49464 and CVE-2025-46789, were reported by researcher fre3dm4n. Both have been rated as Medium severity, each with a CVSS score of 6.5. 

Details of the Vulnerabilities 
Both issues stem from a classic buffer overflow in the affected Zoom applications. An authorized user with network access can trigger the flaw to disrupt the application's normal operation, resulting in a denial of service.

The CVSS vector for both vulnerabilities, CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H, indicates no impact on confidentiality or integrity (C:N/I:N) but a high impact on availability (A:H). The attack is network-reachable (AV:N), requires only low privileges (PR:L) and needs no user interaction (UI:N), making it potentially disruptive for organizations that depend on Zoom.

Impacted Versions 
The vulnerabilities affect several Zoom products for Windows, though the versions impacted vary slightly between the two CVEs: 

CVE-2025-49464 affects: 

  • Zoom Workplace for Windows versions earlier than 6.4.0 
  • Zoom Workplace VDI for Windows versions earlier than 6.3.10 (excluding 6.1.7 and 6.2.15) 
  • Zoom Rooms for Windows versions earlier than 6.4.0 
  • Zoom Rooms Controller for Windows versions earlier than 6.4.0 
  • Zoom Meeting SDK for Windows versions earlier than 6.4.0 

CVE-2025-46789 affects: 

  • Zoom Workplace for Windows versions earlier than 6.4.5 
  • Zoom Workplace VDI for Windows versions earlier than 6.3.12 (excluding 6.2.15) 
  • Zoom Rooms for Windows versions earlier than 6.4.5 
  • Zoom Rooms Controller for Windows versions earlier than 6.4.5 
  • Zoom Meeting SDK for Windows versions earlier than 6.4.5 
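Because the two CVEs have different fixed versions and the VDI client carries back-ported fixes that are excluded from the affected range, a plain "less than X" check misclassifies some builds. The following Python, added here and not part of the advisory, encodes the ranges listed above and classifies an inventory of installed versions; the hostnames and versions in the sample inventory are constructed.

```python
# Added example: classify an installed Zoom for Windows build against the
# affected ranges quoted in the advisory above. Hostnames/versions in the
# sample inventory are constructed.
from dataclasses import dataclass

def parse_version(s: str) -> tuple:
    """Dotted version string -> comparable int tuple, padded so '6.4' == '6.4.0'."""
    parts = tuple(int(p) for p in s.strip().split("."))
    return parts + (0,) * (3 - len(parts))

@dataclass(frozen=True)
class AffectedRange:
    fixed_in: tuple                     # builds strictly below this are affected...
    excluded: frozenset = frozenset()   # ...except these back-ported fixes

    def contains(self, v: tuple) -> bool:
        return v < self.fixed_in and v not in self.excluded

def rng(fixed: str, *excluded: str) -> AffectedRange:
    return AffectedRange(parse_version(fixed), frozenset(map(parse_version, excluded)))

NON_VDI = ("Zoom Workplace for Windows", "Zoom Rooms for Windows",
           "Zoom Rooms Controller for Windows", "Zoom Meeting SDK for Windows")
VDI = "Zoom Workplace VDI for Windows"
# Affected ranges exactly as stated in the advisory, keyed by CVE then product.
ADVISORY = {
    "CVE-2025-49464": {**{p: rng("6.4.0") for p in NON_VDI},
                       VDI: rng("6.3.10", "6.1.7", "6.2.15")},
    "CVE-2025-46789": {**{p: rng("6.4.5") for p in NON_VDI},
                       VDI: rng("6.3.12", "6.2.15")},
}

def affected_cves(product: str, version: str) -> list:
    """Return the advisory CVEs that apply to this product at this version."""
    v = parse_version(version)
    return sorted(cve for cve, prods in ADVISORY.items()
                  if product in prods and prods[product].contains(v))

# Constructed sample inventory, e.g. as exported from an endpoint agent.
SAMPLE_INVENTORY = [
    ("ws-01", "Zoom Workplace for Windows", "6.3.11"),   # both CVEs
    ("ws-02", "Zoom Workplace for Windows", "6.4.0"),    # CVE-2025-46789 only
    ("vdi-01", VDI, "6.2.15"),                           # excluded from both
    ("vdi-02", VDI, "6.1.7"),                            # excluded from 49464 only
]

if __name__ == "__main__":
    for host, product, ver in SAMPLE_INVENTORY:
        print(host, ver, ", ".join(affected_cves(product, ver)) or "not affected")
```

Note that VDI 6.1.7 is excluded only from CVE-2025-49464, so it still needs the CVE-2025-46789 update; a single threshold per product would miss that.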

Zoom has addressed the vulnerabilities and released patches. Users are strongly encouraged to update to the latest versions available on Zoom’s official download portal. 

Keeping software up to date is one of the most effective ways to prevent exploitation and minimize risks that could affect business continuity or personal communication. 

These findings serve as a reminder of the ongoing need to secure popular communication tools. Despite being a well-known vulnerability class, buffer overflows still present real threats if left unpatched. For teams and organizations that rely on Zoom for critical operations, regular maintenance and timely updates are essential. 
