Zoom apps can serve as a springboard for attackers
Security updates: Zoom apps can serve as a springboard for attackers
Zoom Rooms Controller, Workplace & Co. are vulnerable under various operating systems.
Attackers can exploit security vulnerabilities in Zoom Meetings SDK, Rooms Client, Rooms Controller, Workplace App, Workplace Desktop App and Workplace VDI Client. If attacks are successful, they have higher user rights. Updated editions close the vulnerabilities.
Install security updates
The developers list the threatened applicationsin the security section of the Zoom website. So far, there have been no reports of attackers exploiting vulnerabilities.
If attackers have network access and are authenticated, they can use a vulnerability (CVE-2025-0151"high"), for example, to increase their rights. How such an attack works in detail is not yet known.
Attackers can also provoke crashes via DoS attacks (CVE-2025-0150"high"). The operating systems Android, iOS, Linux, macOS and Windows are threatened by the vulnerabilities. Admins should ensure that the latest versions protected against the attacks described are installed. These can be found in the download area of the Zoom website.