CVE-2025-0146

Published Jan 30, 2025

Last updated 25 days ago

CVSS low 3.9

Overview

Description
Symlink following in the installer for Zoom Workplace App for macOS before 6.2.10 may allow an authenticated user to conduct a denial of service via local access.
Source
security@zoom.us
NVD status
Analyzed
Products
meeting_software_development_kit, rooms, rooms_controller, video_software_development_kit, workplace_desktop

Risk scores

CVSS 3.1

Type
Primary
Base score
5
Impact score
3.6
Exploitability score
1.3
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H
Severity
MEDIUM

Weaknesses

security@zoom.us
CWE-59

Social media

Hype score
Not currently trending

  1. CVE-2025-0146 Symlink following in the installer for Zoom Workplace App for macOS before 6.2.10 may allow an authenticated user to conduct a denial of service via local access. https://t.co/imrrtpxLja

    @CVEnew

    30 Jan 2025

    334 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. Threat Alert: Zoom Security Update - Patches Multiple Vulnerabilities That Let Attackers Escal CVE-2025-0147 CVE-2025-0146 CVE-2025-0145 Severity: 🔴 High Maturity: 🧨 Trending Learn more: https://t.co/pFJFdGb3Mi #CyberSecurity #ThreatIntel #InfoSec

    @fletch_ai

    16 Jan 2025

    12 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations

References

Sources include official advisories and independent security research.