Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

rooms_controller

Source -

NVD

CNA CVEs -

0

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

22
Related CVEsRelated VendorsRelated AssignersReports
22Vulnerabilities found
CVE-2025-46785
Assigner-Zoom Video Communications, Inc.
ShareView Details
Assigner-Zoom Video Communications, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.06% / 19.46%
||
7 Day CHG~0.00%
Published-14 May, 2025 | 17:41
Updated-19 Aug, 2025 | 19:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Zoom Workplace Apps for Windows - Buffer Over-read

Buffer over-read in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access.

Action-Not Available
Vendor-Zoom Communications, Inc.
Product-workplace_desktopworkplace_virtual_desktop_infrastructuremeeting_software_development_kitroomsrooms_controllerZoom Workplace Apps
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-30666
Assigner-Zoom Video Communications, Inc.
ShareView Details
Assigner-Zoom Video Communications, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.06% / 19.51%
||
7 Day CHG~0.00%
Published-14 May, 2025 | 17:35
Updated-05 Aug, 2025 | 13:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Zoom Workplace Apps for Windows - NULL Pointer Dereference

NULL pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access.

Action-Not Available
Vendor-Zoom Communications, Inc.
Product-roomsworkplace_virtual_desktop_infrastructurerooms_controllerworkplace_desktopmeeting_software_development_kitZoom Workplace Apps for Windows
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2025-30665
Assigner-Zoom Video Communications, Inc.
ShareView Details
Assigner-Zoom Video Communications, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.06% / 19.51%
||
7 Day CHG~0.00%
Published-14 May, 2025 | 17:35
Updated-05 Aug, 2025 | 13:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Zoom Workplace Apps for Windows - NULL Pointer Dereference

NULL pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access.

Action-Not Available
Vendor-Zoom Communications, Inc.
Product-roomsworkplace_virtual_desktop_infrastructurerooms_controllerworkplace_desktopmeeting_software_development_kitZoom Workplace Apps for Windows
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2025-30671
Assigner-Zoom Video Communications, Inc.
ShareView Details
Assigner-Zoom Video Communications, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.14% / 34.97%
||
7 Day CHG~0.00%
Published-08 Apr, 2025 | 16:21
Updated-01 Aug, 2025 | 19:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Zoom Workplace Apps for Windows - Null Pointer

Null pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access.

Action-Not Available
Vendor-Zoom Communications, Inc.
Product-rooms_controllermeeting_software_development_kitworkplace_virtual_desktop_infrastructureroomsworkplace_desktopZoom Workplace Apps for Windows
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2025-30670
Assigner-Zoom Video Communications, Inc.
ShareView Details
Assigner-Zoom Video Communications, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.14% / 34.97%
||
7 Day CHG~0.00%
Published-08 Apr, 2025 | 16:20
Updated-01 Aug, 2025 | 19:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Zoom Workplace Apps for Windows - Null Pointer

Null pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access.

Action-Not Available
Vendor-Zoom Communications, Inc.
Product-rooms_controllermeeting_software_development_kitworkplace_virtual_desktop_infrastructureroomsworkplace_desktopZoom Workplace Apps for Windows
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2025-27443
Assigner-Zoom Video Communications, Inc.
ShareView Details
Assigner-Zoom Video Communications, Inc.
CVSS Score-2.8||LOW
EPSS-0.02% / 4.13%
||
7 Day CHG~0.00%
Published-08 Apr, 2025 | 16:16
Updated-01 Aug, 2025 | 19:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Zoom Workplace Apps for Windows - Insecure Default Variable Initialization

Insecure default variable initialization in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a loss of integrity via local access.

Action-Not Available
Vendor-Zoom Communications, Inc.
Product-rooms_controllerroomsworkplace_desktopmeeting_software_development_kitZoom Workplace Apps for Windows
CWE ID-CWE-1188
Initialization of a Resource with an Insecure Default
CVE-2025-0149
Assigner-Zoom Video Communications, Inc.
ShareView Details
Assigner-Zoom Video Communications, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.07% / 20.45%
||
7 Day CHG+0.01%
Published-11 Mar, 2025 | 17:04
Updated-19 Aug, 2025 | 17:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Zoom Apps - Insufficient Verification of Data Authenticity

Insufficient verification of data authenticity in some Zoom Workplace Apps may allow an unprivileged user to conduct a denial of service via network access.

Action-Not Available
Vendor-Zoom Communications, Inc.
Product-workplace_desktopworkplace_virtual_desktop_infrastructuremeeting_software_development_kitroomsrooms_controllerworkplaceZoom Apps
CWE ID-CWE-345
Insufficient Verification of Data Authenticity
CVE-2024-45426
Assigner-Zoom Video Communications, Inc.
ShareView Details
Assigner-Zoom Video Communications, Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.05% / 13.36%
||
7 Day CHG~0.00%
Published-25 Feb, 2025 | 19:39
Updated-04 Mar, 2025 | 20:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Zoom Workplace Apps - Incorrect Ownership Assignment

Incorrect ownership assignment in some Zoom Workplace Apps may allow a privileged user to conduct an information disclosure via network access.

Action-Not Available
Vendor-Zoom Communications, Inc.
Product-rooms_controllerworkplace_virtual_desktop_infrastructureworkplaceworkplace_desktopmeeting_software_development_kitroomsZoom Workplace Apps
CWE ID-CWE-708
Incorrect Ownership Assignment
CVE-2025-0146
Assigner-Zoom Video Communications, Inc.
ShareView Details
Assigner-Zoom Video Communications, Inc.
CVSS Score-3.9||LOW
EPSS-0.03% / 5.98%
||
7 Day CHG~0.00%
Published-30 Jan, 2025 | 19:47
Updated-01 Aug, 2025 | 01:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Zoom Workplace app for macOS - Symlink Following

Symlink following in the installer for Zoom Workplace App for macOS before 6.2.10 may allow an authenticated user to conduct a denial of service via local access.

Action-Not Available
Vendor-Zoom Communications, Inc.
Product-workplace_desktoproomsmeeting_software_development_kitrooms_controllervideo_software_development_kitZoom Workplace app for macOS
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2025-0145
Assigner-Zoom Video Communications, Inc.
ShareView Details
Assigner-Zoom Video Communications, Inc.
CVSS Score-4.6||MEDIUM
EPSS-0.02% / 2.88%
||
7 Day CHG~0.00%
Published-30 Jan, 2025 | 19:45
Updated-20 Aug, 2025 | 12:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Zoom Workplace Apps for Windows - Untrusted Search Path

Untrusted search path in the installer for some Zoom Workplace Apps for Windows may allow an authorized user to conduct an escalation of privilege via local access.

Action-Not Available
Vendor-Zoom Communications, Inc.
Product-rooms_controllerroomsworkplace_virtual_desktop_infrastructureworkplace_desktopvideo_software_development_kitmeeting_software_development_kitZoom Workplace Apps for Windows
CWE ID-CWE-426
Untrusted Search Path
CVE-2025-0144
Assigner-Zoom Video Communications, Inc.
ShareView Details
Assigner-Zoom Video Communications, Inc.
CVSS Score-3.1||LOW
EPSS-0.04% / 11.38%
||
7 Day CHG~0.00%
Published-30 Jan, 2025 | 19:44
Updated-20 Aug, 2025 | 12:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Zoom Workplace Apps - Out-of-bounds Write

Out-of-bounds write in some Zoom Workplace Apps may allow an authorized user to conduct a loss of integrity via network access.

Action-Not Available
Vendor-Zoom Communications, Inc.
Product-workplacerooms_controllerroomsworkplace_virtual_desktop_infrastructureworkplace_desktopvideo_software_development_kitmeeting_software_development_kitZoom Workplace Apps
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-45422
Assigner-Zoom Video Communications, Inc.
ShareView Details
Assigner-Zoom Video Communications, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.09% / 25.83%
||
7 Day CHG-0.05%
Published-19 Nov, 2024 | 19:45
Updated-19 Aug, 2025 | 14:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Zoom Apps - Improper Input Validation

Improper input validation in some Zoom Apps before version 6.2.0 may allow an unauthenticated user to conduct a denial of service via network access.

Action-Not Available
Vendor-Zoom Communications, Inc.
Product-workplace_desktopmeeting_software_development_kitvideo_software_development_kitroomsrooms_controllerworkplaceZoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllersworkplace_appmeeting_sdk
CWE ID-CWE-20
Improper Input Validation
CVE-2024-45420
Assigner-Zoom Video Communications, Inc.
ShareView Details
Assigner-Zoom Video Communications, Inc.
CVSS Score-4.3||MEDIUM
EPSS-0.09% / 26.02%
||
7 Day CHG-0.01%
Published-19 Nov, 2024 | 19:32
Updated-19 Aug, 2025 | 14:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Zoom Apps - Uncontrolled Resource Consumption

Uncontrolled resource consumption in some Zoom Apps before version 6.2.0 may allow an authenticated user to conduct a denial of service via network access.

Action-Not Available
Vendor-Zoom Communications, Inc.
Product-workplace_desktopmeeting_software_development_kitvideo_software_development_kitroomsrooms_controllerworkplaceZoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2024-45419
Assigner-Zoom Video Communications, Inc.
ShareView Details
Assigner-Zoom Video Communications, Inc.
CVSS Score-8.1||HIGH
EPSS-0.13% / 33.27%
||
7 Day CHG-0.01%
Published-19 Nov, 2024 | 19:28
Updated-19 Aug, 2025 | 14:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Zoom Apps - Improper Input Validation

Improper input validation in some Zoom Apps may allow an unauthenticated user to conduct a disclosure of information via network access.

Action-Not Available
Vendor-Zoom Communications, Inc.
Product-workplace_desktopworkplace_virtual_desktop_infrastructuremeeting_software_development_kitvideo_software_development_kitroomsrooms_controllerworkplaceZoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllerszoom_meeting_sdk_for_windows
CWE ID-CWE-252
Unchecked Return Value
CVE-2024-42438
Assigner-Zoom Video Communications, Inc.
ShareView Details
Assigner-Zoom Video Communications, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.28% / 51.40%
||
7 Day CHG~0.00%
Published-14 Aug, 2024 | 16:41
Updated-29 Aug, 2024 | 00:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers - Buffer Overflow

Buffer overflow in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct a denial of service via network access.

Action-Not Available
Vendor-Zoom Communications, Inc.
Product-meeting_software_development_kitrooms_controllerworkplaceroomsworkplace_desktopworkplace_virtual_desktop_infrastructureZoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-42437
Assigner-Zoom Video Communications, Inc.
ShareView Details
Assigner-Zoom Video Communications, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.25% / 47.92%
||
7 Day CHG~0.00%
Published-14 Aug, 2024 | 16:41
Updated-04 Sep, 2024 | 21:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers - Buffer Overflow

Buffer overflow in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct a denial of service via network access.

Action-Not Available
Vendor-Zoom Communications, Inc.
Product-meeting_software_development_kitrooms_controllerworkplaceroomsworkplace_desktopworkplace_virtual_desktop_infrastructureZoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-42436
Assigner-Zoom Video Communications, Inc.
ShareView Details
Assigner-Zoom Video Communications, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.28% / 51.40%
||
7 Day CHG~0.00%
Published-14 Aug, 2024 | 16:41
Updated-04 Sep, 2024 | 21:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers - Buffer Overflow

Buffer overflow in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct a denial of service via network access.

Action-Not Available
Vendor-Zoom Communications, Inc.
Product-meeting_software_development_kitrooms_controllerworkplaceroomsworkplace_desktopworkplace_virtual_desktop_infrastructureZoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-42435
Assigner-Zoom Video Communications, Inc.
ShareView Details
Assigner-Zoom Video Communications, Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.17% / 38.41%
||
7 Day CHG~0.00%
Published-14 Aug, 2024 | 16:39
Updated-04 Sep, 2024 | 21:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers - Sensitive Information Exposure

Sensitive information disclosure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access.

Action-Not Available
Vendor-Zoom Communications, Inc.
Product-meeting_software_development_kitrooms_controllerworkplaceroomsworkplace_desktopworkplace_virtual_desktop_infrastructureZoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2024-42434
Assigner-Zoom Video Communications, Inc.
ShareView Details
Assigner-Zoom Video Communications, Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.17% / 38.41%
||
7 Day CHG~0.00%
Published-14 Aug, 2024 | 16:39
Updated-04 Sep, 2024 | 21:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers - Sensitive Information Exposure

Sensitive information disclosure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access.

Action-Not Available
Vendor-Zoom Communications, Inc.
Product-meeting_software_development_kitrooms_controllerworkplaceroomsworkplace_desktopworkplace_virtual_desktop_infrastructureZoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2024-39824
Assigner-Zoom Video Communications, Inc.
ShareView Details
Assigner-Zoom Video Communications, Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.18% / 40.20%
||
7 Day CHG~0.00%
Published-14 Aug, 2024 | 16:39
Updated-04 Sep, 2024 | 21:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers - Sensitive Information Exposure

Sensitive information disclosure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access.

Action-Not Available
Vendor-Zoom Communications, Inc.
Product-meeting_software_development_kitrooms_controllerworkplaceroomsworkplace_desktopworkplace_virtual_desktop_infrastructureZoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2024-39823
Assigner-Zoom Video Communications, Inc.
ShareView Details
Assigner-Zoom Video Communications, Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.18% / 40.20%
||
7 Day CHG~0.00%
Published-14 Aug, 2024 | 16:39
Updated-04 Sep, 2024 | 21:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers - Sensitive Information Exposure

Sensitive information disclosure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access.

Action-Not Available
Vendor-Zoom Communications, Inc.
Product-meeting_software_development_kitrooms_controllerworkplaceroomsworkplace_desktopworkplace_virtual_desktop_infrastructureZoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2024-39822
Assigner-Zoom Video Communications, Inc.
ShareView Details
Assigner-Zoom Video Communications, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.22% / 45.01%
||
7 Day CHG~0.00%
Published-14 Aug, 2024 | 16:38
Updated-04 Sep, 2024 | 21:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers - Sensitive Information Exposure

Sensitive information exposure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct an information disclosure via network access.

Action-Not Available
Vendor-Zoom Communications, Inc.
Product-meeting_software_development_kitrooms_controllerroomsworkplace_desktopworkplaceZoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor