The Indian Computer Emergency Response Team (CERT-In) has issued a vulnerability note (CIVN-2025-0049) regarding a denial-of-service (DoS) vulnerability in multiple Zoom products. The flaw, tracked as CVE-2025-0149, affects various versions of Zoom Workplace, Zoom Rooms, and Zoom Meeting SDK across Windows, macOS, Linux, Android, and iOS.
Affected Software
The vulnerability impacts:
• Zoom Workplace Desktop App (Windows, macOS, Linux) before version 6.3.0
• Zoom Workplace App (iOS, Android) before version 6.3.0
• Zoom Workplace VDI Client (Windows) before version 6.2.10 (except 6.1.15)
• Zoom Rooms Controller (Windows, macOS, Linux, Android) before version 6.3.0
• Zoom Rooms Client (Windows, macOS, Android, iPad) before version 6.3.0
• Zoom Meeting SDK (Windows, iOS, Android, macOS, Linux) before version 6.3.0
Vulnerability details
The flaw arises due to insufficient verification of data authenticity in affected Zoom applications. This could allow an attacker to exploit network access and trigger a DoS condition, leading to service disruptions. An unprivileged user could send manipulated data packets, rendering the application unresponsive or unavailable.
Potential impact
• Disruption of Zoom meetings and communication services.
• Service unavailability for affected applications.
• Potential loss of productivity for businesses and users relying on Zoom.
Solution
CERT-In and Zoom recommends users update to the latest versions of the affected software to mitigate the risk. The security updates are available in Zoom’s Security Bulletin at:
https://www.zoom.com/en/trust/security-bulletin/zsb-25008/
Users are advised to apply the updates immediately to protect their systems. IT administrators should ensure all workplace devices running Zoom applications are patched to the latest versions. Keeping software up to date is critical to reducing exposure to security vulnerabilities.
Discover the latest Business News, Sensex, and Nifty updates. Obtain Personal Finance insights, tax queries, and expert opinions on Moneycontrol or download the Moneycontrol App to stay updated!
