CVE-2025-30666

NULL pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access.

CVSS v3 6.5 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://www.zoom.com/en/trust/security-bulletin/zsb-25018	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:zoom:meeting_software_development_kit::::::windows::*
	cpe:2.3:a:zoom:rooms::::::windows::*
	cpe:2.3:a:zoom:rooms_controller::::::windows::*
	cpe:2.3:a:zoom:workplace_desktop::::::windows::*
	cpe:2.3:a:zoom:workplace_virtual_desktop_infrastructure::::::windows::*
	cpe:2.3:a:zoom:workplace_virtual_desktop_infrastructure::::::windows::*
	cpe:2.3:a:zoom:workplace_virtual_desktop_infrastructure::::::windows::*

History

05 Aug 2025, 13:43

Type	Values Removed	Values Added
First Time		Zoom rooms Zoom rooms Controller Zoom meeting Software Development Kit Zoom workplace Virtual Desktop Infrastructure Zoom Zoom workplace Desktop
CPE		cpe:2.3:a:zoom:workplace_desktop::::::windows::* cpe:2.3:a:zoom:workplace_virtual_desktop_infrastructure::::::windows::* cpe:2.3:a:zoom:rooms_controller::::::windows::* cpe:2.3:a:zoom:rooms::::::windows::* cpe:2.3:a:zoom:meeting_software_development_kit::::::windows::*
References	~~() https://www.zoom.com/en/trust/security-bulletin/zsb-25018 -~~	() https://www.zoom.com/en/trust/security-bulletin/zsb-25018 - Vendor Advisory

16 May 2025, 14:43

Type	Values Removed	Values Added
Summary		(es) La desreferencia de puntero NULL en algunas aplicaciones de Zoom Workplace para Windows puede permitir que un usuario autenticado realice una denegación de servicio a través del acceso a la red.

14 May 2025, 18:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-05-14 18:15

Updated : 2025-08-05 13:43

NVD link : CVE-2025-30666

Mitre link : CVE-2025-30666

CVE.ORG link : CVE-2025-30666

JSON object : View

Products Affected

zoom

rooms_controller
rooms
workplace_virtual_desktop_infrastructure
workplace_desktop
meeting_software_development_kit

CWE

CWE-476

NULL Pointer Dereference

{"id": "CVE-2025-30666", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security@zoom.us", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2025-05-14T18:15:30.447", "references": [{"url": "https://www.zoom.com/en/trust/security-bulletin/zsb-25018", "tags": ["Vendor Advisory"], "source": "security@zoom.us"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "security@zoom.us", "description": [{"lang": "en", "value": "CWE-476"}]}], "descriptions": [{"lang": "en", "value": "NULL pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access."}, {"lang": "es", "value": "La desreferencia de puntero NULL en algunas aplicaciones de Zoom Workplace para Windows puede permitir que un usuario autenticado realice una denegaci\u00f3n de servicio a trav\u00e9s del acceso a la red."}], "lastModified": "2025-08-05T13:43:02.117", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:zoom:meeting_software_development_kit:*:*:*:*:*:windows:*:*", "vulnerable": true, "matchCriteriaId": "A3D5AD71-8BC5-4346-B8B2-1166AD0415FF", "versionEndExcluding": "6.4.0"}, {"criteria": "cpe:2.3:a:zoom:rooms:*:*:*:*:*:windows:*:*", "vulnerable": true, "matchCriteriaId": "390D202B-A60A-411E-8A57-0AF1C2BB0497", "versionEndExcluding": "6.4.0"}, {"criteria": "cpe:2.3:a:zoom:rooms_controller:*:*:*:*:*:windows:*:*", "vulnerable": true, "matchCriteriaId": "A117F0E2-8079-41C5-B619-D9059A3120E4", "versionEndExcluding": "6.4.0"}, {"criteria": "cpe:2.3:a:zoom:workplace_desktop:*:*:*:*:*:windows:*:*", "vulnerable": true, "matchCriteriaId": "63C6EF40-B762-4FE8-83AA-D9D4600A5C92", "versionEndExcluding": "6.4.0"}, {"criteria": "cpe:2.3:a:zoom:workplace_virtual_desktop_infrastructure:*:*:*:*:*:windows:*:*", "vulnerable": true, "matchCriteriaId": "B4CF0315-8092-424B-9254-05FF6DDDA029", "versionEndExcluding": "6.1.17"}, {"criteria": "cpe:2.3:a:zoom:workplace_virtual_desktop_infrastructure:*:*:*:*:*:windows:*:*", "vulnerable": true, "matchCriteriaId": "71A0CC0D-D415-46DB-B566-DB7C41A6E277", "versionEndExcluding": "6.2.13", "versionStartIncluding": "6.1.18"}, {"criteria": "cpe:2.3:a:zoom:workplace_virtual_desktop_infrastructure:*:*:*:*:*:windows:*:*", "vulnerable": true, "matchCriteriaId": "D2276405-3395-4252-A140-06C9A9BDBCDB", "versionEndExcluding": "6.3.10", "versionStartIncluding": "6.2.14"}], "operator": "OR"}]}], "sourceIdentifier": "security@zoom.us"}