Cyber Posture

CVE-2025-0147

High

Published: 30 January 2025

Published
30 January 2025
Modified
01 August 2025
KEV Added
Patch
CVSS Score 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score 0.0056 68.4th percentile
Risk Priority 18 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-0147 is a high-severity Type Confusion (CWE-843) vulnerability in Zoom Meeting Software Development Kit. Its CVSS base score is 8.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked in the top 31.6% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-2 (Flaw Remediation) and RA-5 (Vulnerability Monitoring and Scanning).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploitation for Privilege Escalation (T1068). What defenders deploy: see the NIST 800-53 controls recommended below.
Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-2 Flaw Remediation good match
prevent

Directly remediates the type confusion vulnerability by requiring timely patching of the Zoom Workplace App for Linux to version 6.2.10 or later.

SI-16 Memory Protection partial match
prevent

Mitigates exploitation of the type confusion flaw leading to privilege escalation by implementing memory protections against unauthorized code execution.

RA-5 Vulnerability Monitoring and Scanning partial match
detect

Detects the presence of vulnerable Zoom Workplace App versions through vulnerability scanning, enabling proactive remediation.

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
attack.mitre.org →
Why these techniques?

Type confusion in client app directly enables local privilege escalation via crafted network input requiring user interaction.

Confidence: MEDIUM · MITRE ATT&CK Enterprise v18.1

NVD Description

Type confusion in the Zoom Workplace App for Linux before 6.2.10 may allow an authorized user to conduct an escalation of privilege via network access.

Deeper analysisAI

CVE-2025-0147 is a type confusion vulnerability (CWE-843) affecting the Zoom Workplace App for Linux in versions before 6.2.10. Published on 2025-01-30, it carries a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H), indicating high severity due to its potential for significant impact.

An authorized user can exploit this vulnerability via network access to achieve an escalation of privilege. Per the CVSS vector, exploitation occurs over the network with low attack complexity, requires user interaction but no attacker privileges, and has unchanged scope, enabling high confidentiality, integrity, and availability impacts.

The Zoom security bulletin at https://www.zoom.com/en/trust/security-bulletin/zsb-25006/ provides details on mitigation, which includes updating the Zoom Workplace App for Linux to version 6.2.10 or later.

Details

CWE(s)
CWE-843

Affected Products

zoom
meeting software development kit
≤ 6.2.10
zoom
video software development kit
≤ 6.2.10
zoom
workplace desktop
≤ 6.2.10

CVEs Like This One

CVE-2025-27440Same product: Zoom Meeting Software Development Kit
CVE-2025-0151Same product: Zoom Meeting Software Development Kit
CVE-2025-27439Same product: Zoom Meeting Software Development Kit
CVE-2025-0145Same product: Zoom Meeting Software Development Kit
CVE-2024-45418Same product: Zoom Meeting Software Development Kit
CVE-2025-49457Same product: Zoom Meeting Software Development Kit
CVE-2025-62484Same product: Zoom Meeting Software Development Kit
CVE-2024-45421Same product: Zoom Meeting Software Development Kit
CVE-2025-46788Same product: Zoom Workplace Desktop
CVE-2024-45424Same product: Zoom Meeting Software Development Kit

References