Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

workplace_virtual_desktop_infrastructure

Source -

NVD

CNA CVEs -

0

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

26
Related CVEsRelated VendorsRelated AssignersReports
26Vulnerabilities found
CVE-2025-46785
Assigner-Zoom Video Communications, Inc.
ShareView Details
Assigner-Zoom Video Communications, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.06% / 19.46%
||
7 Day CHG~0.00%
Published-14 May, 2025 | 17:41
Updated-19 Aug, 2025 | 19:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Zoom Workplace Apps for Windows - Buffer Over-read

Buffer over-read in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access.

Action-Not Available
Vendor-Zoom Communications, Inc.
Product-workplace_desktopworkplace_virtual_desktop_infrastructuremeeting_software_development_kitroomsrooms_controllerZoom Workplace Apps
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-30666
Assigner-Zoom Video Communications, Inc.
ShareView Details
Assigner-Zoom Video Communications, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.06% / 19.51%
||
7 Day CHG~0.00%
Published-14 May, 2025 | 17:35
Updated-05 Aug, 2025 | 13:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Zoom Workplace Apps for Windows - NULL Pointer Dereference

NULL pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access.

Action-Not Available
Vendor-Zoom Communications, Inc.
Product-roomsworkplace_virtual_desktop_infrastructurerooms_controllerworkplace_desktopmeeting_software_development_kitZoom Workplace Apps for Windows
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2025-30665
Assigner-Zoom Video Communications, Inc.
ShareView Details
Assigner-Zoom Video Communications, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.06% / 19.51%
||
7 Day CHG~0.00%
Published-14 May, 2025 | 17:35
Updated-05 Aug, 2025 | 13:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Zoom Workplace Apps for Windows - NULL Pointer Dereference

NULL pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access.

Action-Not Available
Vendor-Zoom Communications, Inc.
Product-roomsworkplace_virtual_desktop_infrastructurerooms_controllerworkplace_desktopmeeting_software_development_kitZoom Workplace Apps for Windows
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2025-30671
Assigner-Zoom Video Communications, Inc.
ShareView Details
Assigner-Zoom Video Communications, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.14% / 34.97%
||
7 Day CHG~0.00%
Published-08 Apr, 2025 | 16:21
Updated-01 Aug, 2025 | 19:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Zoom Workplace Apps for Windows - Null Pointer

Null pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access.

Action-Not Available
Vendor-Zoom Communications, Inc.
Product-rooms_controllermeeting_software_development_kitworkplace_virtual_desktop_infrastructureroomsworkplace_desktopZoom Workplace Apps for Windows
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2025-30670
Assigner-Zoom Video Communications, Inc.
ShareView Details
Assigner-Zoom Video Communications, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.14% / 34.97%
||
7 Day CHG~0.00%
Published-08 Apr, 2025 | 16:20
Updated-01 Aug, 2025 | 19:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Zoom Workplace Apps for Windows - Null Pointer

Null pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access.

Action-Not Available
Vendor-Zoom Communications, Inc.
Product-rooms_controllermeeting_software_development_kitworkplace_virtual_desktop_infrastructureroomsworkplace_desktopZoom Workplace Apps for Windows
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2025-0149
Assigner-Zoom Video Communications, Inc.
ShareView Details
Assigner-Zoom Video Communications, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.07% / 20.45%
||
7 Day CHG+0.01%
Published-11 Mar, 2025 | 17:04
Updated-19 Aug, 2025 | 17:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Zoom Apps - Insufficient Verification of Data Authenticity

Insufficient verification of data authenticity in some Zoom Workplace Apps may allow an unprivileged user to conduct a denial of service via network access.

Action-Not Available
Vendor-Zoom Communications, Inc.
Product-workplace_desktopworkplace_virtual_desktop_infrastructuremeeting_software_development_kitroomsrooms_controllerworkplaceZoom Apps
CWE ID-CWE-345
Insufficient Verification of Data Authenticity
CVE-2024-27239
Assigner-Zoom Video Communications, Inc.
ShareView Details
Assigner-Zoom Video Communications, Inc.
CVSS Score-4.3||MEDIUM
EPSS-0.04% / 11.52%
||
7 Day CHG+0.02%
Published-25 Feb, 2025 | 20:33
Updated-20 Aug, 2025 | 16:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Zoom Workplace Apps and SDKs - Divide By Zero

Use after free in some Zoom Workplace Apps and SDKs may allow an authenticated user to conduct a denial of service via network access.

Action-Not Available
Vendor-Zoom Communications, Inc.
Product-roomsworkplace_virtual_desktop_infrastructuremeeting_software_development_kitworkplace_desktopworkplaceZoom Workplace Apps and SDKs
CWE ID-CWE-369
Divide By Zero
CVE-2024-27246
Assigner-Zoom Video Communications, Inc.
ShareView Details
Assigner-Zoom Video Communications, Inc.
CVSS Score-4.3||MEDIUM
EPSS-0.04% / 11.37%
||
7 Day CHG+0.02%
Published-25 Feb, 2025 | 20:32
Updated-20 Aug, 2025 | 16:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Zoom Workplace Apps and SDKs - Use After Free

Use after free in some Zoom Workplace Apps and SDKs may allow an authenticated user to conduct a denial of service via network access.

Action-Not Available
Vendor-Zoom Communications, Inc.
Product-roomsworkplace_virtual_desktop_infrastructuremeeting_software_development_kitworkplace_desktopworkplaceZoom Workplace Apps and SDKs
CWE ID-CWE-416
Use After Free
CVE-2024-27245
Assigner-Zoom Video Communications, Inc.
ShareView Details
Assigner-Zoom Video Communications, Inc.
CVSS Score-4.3||MEDIUM
EPSS-0.12% / 31.28%
||
7 Day CHG+0.01%
Published-25 Feb, 2025 | 20:31
Updated-20 Aug, 2025 | 16:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Zoom Workplace Apps and SDKs - Buffer Overflow

Buffer overflow in some Zoom Workplace Apps and SDKs may allow an authenticated user to conduct a denial of service via network access.

Action-Not Available
Vendor-Zoom Communications, Inc.
Product-roomsworkplace_virtual_desktop_infrastructuremeeting_software_development_kitworkplace_desktopworkplaceZoom Workplace Apps and SDKs
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2024-45426
Assigner-Zoom Video Communications, Inc.
ShareView Details
Assigner-Zoom Video Communications, Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.05% / 13.36%
||
7 Day CHG~0.00%
Published-25 Feb, 2025 | 19:39
Updated-04 Mar, 2025 | 20:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Zoom Workplace Apps - Incorrect Ownership Assignment

Incorrect ownership assignment in some Zoom Workplace Apps may allow a privileged user to conduct an information disclosure via network access.

Action-Not Available
Vendor-Zoom Communications, Inc.
Product-rooms_controllerworkplace_virtual_desktop_infrastructureworkplaceworkplace_desktopmeeting_software_development_kitroomsZoom Workplace Apps
CWE ID-CWE-708
Incorrect Ownership Assignment
CVE-2025-0145
Assigner-Zoom Video Communications, Inc.
ShareView Details
Assigner-Zoom Video Communications, Inc.
CVSS Score-4.6||MEDIUM
EPSS-0.02% / 2.88%
||
7 Day CHG~0.00%
Published-30 Jan, 2025 | 19:45
Updated-20 Aug, 2025 | 12:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Zoom Workplace Apps for Windows - Untrusted Search Path

Untrusted search path in the installer for some Zoom Workplace Apps for Windows may allow an authorized user to conduct an escalation of privilege via local access.

Action-Not Available
Vendor-Zoom Communications, Inc.
Product-rooms_controllerroomsworkplace_virtual_desktop_infrastructureworkplace_desktopvideo_software_development_kitmeeting_software_development_kitZoom Workplace Apps for Windows
CWE ID-CWE-426
Untrusted Search Path
CVE-2025-0144
Assigner-Zoom Video Communications, Inc.
ShareView Details
Assigner-Zoom Video Communications, Inc.
CVSS Score-3.1||LOW
EPSS-0.04% / 11.38%
||
7 Day CHG~0.00%
Published-30 Jan, 2025 | 19:44
Updated-20 Aug, 2025 | 12:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Zoom Workplace Apps - Out-of-bounds Write

Out-of-bounds write in some Zoom Workplace Apps may allow an authorized user to conduct a loss of integrity via network access.

Action-Not Available
Vendor-Zoom Communications, Inc.
Product-workplacerooms_controllerroomsworkplace_virtual_desktop_infrastructureworkplace_desktopvideo_software_development_kitmeeting_software_development_kitZoom Workplace Apps
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-45419
Assigner-Zoom Video Communications, Inc.
ShareView Details
Assigner-Zoom Video Communications, Inc.
CVSS Score-8.1||HIGH
EPSS-0.13% / 33.27%
||
7 Day CHG-0.01%
Published-19 Nov, 2024 | 19:28
Updated-19 Aug, 2025 | 14:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Zoom Apps - Improper Input Validation

Improper input validation in some Zoom Apps may allow an unauthenticated user to conduct a disclosure of information via network access.

Action-Not Available
Vendor-Zoom Communications, Inc.
Product-workplace_desktopworkplace_virtual_desktop_infrastructuremeeting_software_development_kitvideo_software_development_kitroomsrooms_controllerworkplaceZoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllerszoom_meeting_sdk_for_windows
CWE ID-CWE-252
Unchecked Return Value
CVE-2024-42438
Assigner-Zoom Video Communications, Inc.
ShareView Details
Assigner-Zoom Video Communications, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.28% / 51.40%
||
7 Day CHG~0.00%
Published-14 Aug, 2024 | 16:41
Updated-29 Aug, 2024 | 00:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers - Buffer Overflow

Buffer overflow in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct a denial of service via network access.

Action-Not Available
Vendor-Zoom Communications, Inc.
Product-meeting_software_development_kitrooms_controllerworkplaceroomsworkplace_desktopworkplace_virtual_desktop_infrastructureZoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-42437
Assigner-Zoom Video Communications, Inc.
ShareView Details
Assigner-Zoom Video Communications, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.25% / 47.92%
||
7 Day CHG~0.00%
Published-14 Aug, 2024 | 16:41
Updated-04 Sep, 2024 | 21:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers - Buffer Overflow

Buffer overflow in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct a denial of service via network access.

Action-Not Available
Vendor-Zoom Communications, Inc.
Product-meeting_software_development_kitrooms_controllerworkplaceroomsworkplace_desktopworkplace_virtual_desktop_infrastructureZoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-42436
Assigner-Zoom Video Communications, Inc.
ShareView Details
Assigner-Zoom Video Communications, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.28% / 51.40%
||
7 Day CHG~0.00%
Published-14 Aug, 2024 | 16:41
Updated-04 Sep, 2024 | 21:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers - Buffer Overflow

Buffer overflow in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct a denial of service via network access.

Action-Not Available
Vendor-Zoom Communications, Inc.
Product-meeting_software_development_kitrooms_controllerworkplaceroomsworkplace_desktopworkplace_virtual_desktop_infrastructureZoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-42435
Assigner-Zoom Video Communications, Inc.
ShareView Details
Assigner-Zoom Video Communications, Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.17% / 38.41%
||
7 Day CHG~0.00%
Published-14 Aug, 2024 | 16:39
Updated-04 Sep, 2024 | 21:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers - Sensitive Information Exposure

Sensitive information disclosure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access.

Action-Not Available
Vendor-Zoom Communications, Inc.
Product-meeting_software_development_kitrooms_controllerworkplaceroomsworkplace_desktopworkplace_virtual_desktop_infrastructureZoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2024-42434
Assigner-Zoom Video Communications, Inc.
ShareView Details
Assigner-Zoom Video Communications, Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.17% / 38.41%
||
7 Day CHG~0.00%
Published-14 Aug, 2024 | 16:39
Updated-04 Sep, 2024 | 21:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers - Sensitive Information Exposure

Sensitive information disclosure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access.

Action-Not Available
Vendor-Zoom Communications, Inc.
Product-meeting_software_development_kitrooms_controllerworkplaceroomsworkplace_desktopworkplace_virtual_desktop_infrastructureZoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2024-39824
Assigner-Zoom Video Communications, Inc.
ShareView Details
Assigner-Zoom Video Communications, Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.18% / 40.20%
||
7 Day CHG~0.00%
Published-14 Aug, 2024 | 16:39
Updated-04 Sep, 2024 | 21:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers - Sensitive Information Exposure

Sensitive information disclosure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access.

Action-Not Available
Vendor-Zoom Communications, Inc.
Product-meeting_software_development_kitrooms_controllerworkplaceroomsworkplace_desktopworkplace_virtual_desktop_infrastructureZoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2024-39823
Assigner-Zoom Video Communications, Inc.
ShareView Details
Assigner-Zoom Video Communications, Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.18% / 40.20%
||
7 Day CHG~0.00%
Published-14 Aug, 2024 | 16:39
Updated-04 Sep, 2024 | 21:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers - Sensitive Information Exposure

Sensitive information disclosure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access.

Action-Not Available
Vendor-Zoom Communications, Inc.
Product-meeting_software_development_kitrooms_controllerworkplaceroomsworkplace_desktopworkplace_virtual_desktop_infrastructureZoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2024-39818
Assigner-Zoom Video Communications, Inc.
ShareView Details
Assigner-Zoom Video Communications, Inc.
CVSS Score-7.5||HIGH
EPSS-0.16% / 37.84%
||
7 Day CHG~0.00%
Published-14 Aug, 2024 | 16:36
Updated-11 Sep, 2024 | 13:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Zoom Workplace Apps and SDKs - Protection Mechanism Failure

Protection mechanism failure for some Zoom Workplace Apps and SDKs may allow an authenticated user to conduct information disclosure via network access.

Action-Not Available
Vendor-Zoom Communications, Inc.
Product-workplaceworkplace_desktoproomsworkplace_virtual_desktop_infrastructureZoom Workplace Apps and SDKsworkplace_appworkplace_desktopvdi_windows_meeting_clientrooms
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2024-39825
Assigner-Zoom Video Communications, Inc.
ShareView Details
Assigner-Zoom Video Communications, Inc.
CVSS Score-8.5||HIGH
EPSS-0.26% / 48.88%
||
7 Day CHG~0.00%
Published-14 Aug, 2024 | 16:34
Updated-04 Sep, 2024 | 21:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Zoom Workplace Apps and Rooms Clients - Buffer Overflow

Buffer overflow in some Zoom Workplace Apps and Rooms Clients may allow an authenticated user to conduct an escalation of privilege via network access.

Action-Not Available
Vendor-Zoom Communications, Inc.
Product-workplaceworkplace_desktoproomsworkplace_virtual_desktop_infrastructureZoom Workplace Apps and Rooms Clientsroomsvdi_windows_meeting_clientworkplace_appworkplace_desktop
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-39826
Assigner-Zoom Video Communications, Inc.
ShareView Details
Assigner-Zoom Video Communications, Inc.
CVSS Score-6.8||MEDIUM
EPSS-0.21% / 42.82%
||
7 Day CHG+0.07%
Published-15 Jul, 2024 | 17:24
Updated-05 Aug, 2025 | 13:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Zoom Workplace Apps and SDKs - Path traversal

Path traversal in Team Chat for some Zoom Workplace Apps and SDKs for Windows may allow an authenticated user to conduct information disclosure via network access.

Action-Not Available
Vendor-Zoom Communications, Inc.
Product-meeting_software_development_kitworkplace_virtual_desktop_infrastructureworkplace_desktopZoom Workplace Apps and SDKs
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2024-27241
Assigner-Zoom Video Communications, Inc.
ShareView Details
Assigner-Zoom Video Communications, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.09% / 25.97%
||
7 Day CHG+0.02%
Published-15 Jul, 2024 | 17:17
Updated-20 Aug, 2025 | 15:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Zoom Apps and SDKs - Improper Input Validation

Improper input validation in some Zoom Apps and SDKs may allow an authenticated user to conduct a denial of service via network access.

Action-Not Available
Vendor-Zoom Communications, Inc.
Product-roomsworkplace_virtual_desktop_infrastructuremeeting_software_development_kitworkplace_desktopworkplaceZoom Apps and SDKsmeeting_software_development_kitroomsworkplace_desktopvirtual_desktop_infrastructureworkplace_app
CWE ID-CWE-20
Improper Input Validation
CVE-2024-27240
Assigner-Zoom Video Communications, Inc.
ShareView Details
Assigner-Zoom Video Communications, Inc.
CVSS Score-7.1||HIGH
EPSS-0.13% / 33.58%
||
7 Day CHG~0.00%
Published-15 Jul, 2024 | 17:07
Updated-05 Aug, 2025 | 13:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Zoom Apps for Windows - Improper Input Validation

Improper input validation in the installer for some Zoom Apps for Windows may allow an authenticated user to conduct a privilege escalation via local access.

Action-Not Available
Vendor-Zoom Communications, Inc.
Product-roomsworkplace_virtual_desktop_infrastructureworkplace_desktopZoom Apps for Windowsvirtual_desktop_infrastructureroomszoom
CWE ID-CWE-20
Improper Input Validation
CVE-2024-27244
Assigner-Zoom Video Communications, Inc.
ShareView Details
Assigner-Zoom Video Communications, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.10% / 27.87%
||
7 Day CHG+0.05%
Published-15 May, 2024 | 20:46
Updated-21 Aug, 2025 | 16:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Zoom Workplace VDI App for Windows - Insufficient Verification of Data Authenticity

Insufficient verification of data authenticity in the installer for Zoom Workplace VDI App for Windows may allow an authenticated user to conduct an escalation of privilege via local access.

Action-Not Available
Vendor-Zoom Communications, Inc.
Product-workplace_virtual_desktop_infrastructureZoom Workplace VDI App for Windowsvdi_windows_meeting_client
CWE ID-CWE-347
Improper Verification of Cryptographic Signature