CVE-2025-27443

🗓️ 08 Apr 2025 16:16:38Reported by ZoomType

Insecure variable initialization in Zoom Workplace Apps allows integrity loss through local access.

Reporter	Title	Published	Views	Family All 12
BDU FSTEC	The vulnerability of software products for conducting Zoom Workplace video conferences on the Windows operating system, related to insecure resource initialization, allows a perpetrator to influence the integrity of protected information.	4 Jun 202500:00	–	bdu_fstec
Circl	CVE-2025-27443	8 Apr 202511:28	–	circl
CNNVD	Zoom Workplace 安全漏洞	8 Apr 202500:00	–	cnnvd
CNVD	Unspecified Vulnerability in Zoom Workplace Apps for Windows	13 May 202500:00	–	cnvd
Cvelist	CVE-2025-27443 Zoom Workplace Apps for Windows - Insecure Default Variable Initialization	8 Apr 202516:16	–	cvelist
EUVD	EUVD-2025-10251	3 Oct 202520:07	–	euvd
NVD	CVE-2025-27443	8 Apr 202517:15	–	nvd
OSV	CVE-2025-27443	8 Apr 202517:15	–	osv
Positive Technologies	PT-2025-15464 · Zoom · Zoom Workplace Apps	8 Apr 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-27443	11 Apr 202503:12	–	redhatcve

NVD

Node

zoom meeting_software_development_kitRange<6.3.10windows

zoom roomsRange<6.4.0windows

zoom rooms_controllerRange<6.4.0windows

zoom workplace_desktopRange<6.3.10windows

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Windows"
    ],
    "product": "Zoom Workplace Apps for Windows",
    "vendor": "Zoom Communications, Inc",
    "versions": [
      {
        "status": "affected",
        "version": "See references.",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
zoom	www.zoom.com/en/trust/security-bulletin/zsb-25014

01 Aug 2025 19:02Current

6.8Medium risk

Vulners AI Score6.8

CVSS 3.12.8 - 5.5

EPSS0.00106

SSVC

CWE-1188