While millions of users continue to rely on Zoom for their daily communication needs, the popular video conferencing platform has been quietly patching several dangerous security vulnerabilities. Topping the list is CVE-2024-24691, a critical flaw with a scary 9.6 CVSS score. It affects Windows versions of multiple Zoom products and lets unauthorized users escalate privileges through network access. Zoom’s own security team found this one. Let that sink in.
Zoom found a terrifying security hole in its own products—one that could give attackers complete control over your Windows system.
But wait, there’s more. A type confusion vulnerability (CVE-2025-0147) in the Zoom Workplace App for Linux scored 8.8 on the severity scale. It affects Linux versions of Meeting SDK and Video SDK too. Users have to interact with it for exploitation, but honestly, who doesn’t click on things they shouldn’t?
The platform’s installers aren’t safe either. Windows users face an untrusted search path vulnerability (CVE-2025-0145) with a medium severity rating of 4.6. macOS users aren’t off the hook – a symlink following vulnerability (CVE-2025-0146) lurks in their installer. Lower severity, sure, but still concerning. These security issues are particularly alarming given Zoom’s meteoric rise from 10 million daily users to 300 million during the pandemic.
Zoom’s also dealing with an out-of-bounds write vulnerability (CVE-2025-0144) affecting products across all major platforms. Low severity at 3.1, but widespread reach. Classic Zoom – democratic in its flaws.
Two more issues round out the security nightmare. An improper input validation vulnerability (CVE-2024-45422) allows denial of service attacks by unauthenticated users. Medium severity at 6.5. And a buffer overflow vulnerability (CVE-2024-45421) enables authenticated users to escalate privileges via network access. These statistics were collected as part of an effort to enhance security awareness for Zoom users.
Thankfully, Zoom has released patches for these vulnerabilities. Desktop clients need version 5.16.5 or later, VDI clients should update to 5.16.10, and Rooms clients need 5.17.0. The Meeting SDK is safe at version 5.16.5.
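To check a fleet against the minimum versions listed above, here is a small audit script. It is an added example, not Zoom's tooling: the product keys, hostnames and build numbers are constructed, and the inventory format is an assumption. Versions are compared as numbers, because a plain string comparison would rank 5.9.12 above 5.16.5.

```python
import re

# Minimum patched versions as stated in this article (product keys are our own labels).
MIN_PATCHED = {
    "desktop": (5, 16, 5),
    "vdi": (5, 16, 10),
    "rooms": (5, 17, 0),
    "meeting_sdk": (5, 16, 5),
}


def parse_version(text):
    """Extract (major, minor, patch) from strings like '5.16.5 (26186)' or '5.17.0.1234'."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"no version found in {text!r}")
    return tuple(int(p) for p in m.groups())


def audit(inventory):
    """Return (host, product, raw_version, status) for every inventory row."""
    results = []
    for host, product, raw in inventory:
        minimum = MIN_PATCHED.get(product)
        if minimum is None:
            results.append((host, product, raw, "unknown-product"))
            continue
        try:
            installed = parse_version(raw)
        except ValueError:
            # Missing or malformed version data is flagged, never treated as patched.
            results.append((host, product, raw, "unparseable"))
            continue
        status = "ok" if installed >= minimum else "needs-update"
        results.append((host, product, raw, status))
    return results


# Constructed sample inventory (hostnames and build numbers are made up).
SAMPLE_INVENTORY = [
    ("ws-001", "desktop", "5.16.5 (26186)"),
    ("ws-002", "desktop", "5.9.12"),       # string compare would wrongly pass this
    ("vdi-01", "vdi", "5.16.5"),           # VDI needs 5.16.10, so this is outdated
    ("room-a", "rooms", "5.17.0.1234"),
    ("ws-003", "desktop", "n/a"),
]

if __name__ == "__main__":
    for row in audit(SAMPLE_INVENTORY):
        print(*row, sep="\t")
```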
The company continues to emphasize security improvements, but these recurring issues raise questions about the platform’s underlying code quality.