CVE-2025-0150
Published: 11 March 2025
Summary
CVE-2025-0150 is a high-severity Incorrect Behavior Order (CWE-696) vulnerability in Zoom Meeting Software Development Kit. Its CVSS base score is 7.1 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Application or System Exploitation (T1499.004); ranked at the 36.0th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SC-5 (Denial-of-service Protection) and SI-2 (Flaw Remediation).
Deeper analysis
CVE-2025-0150 involves incorrect behavior order, classified under CWE-696, affecting Zoom Workplace Apps for iOS in versions before 6.3.0. This flaw enables an authenticated user to trigger a denial-of-service condition through network access. The vulnerability carries a CVSS v3.1 base score of 7.1, reflecting network attack vector (AV:N), low attack complexity (AC:L), low privileges required (PR:L), no user interaction (UI:N), unchanged scope (S:U), low confidentiality impact (C:L), no integrity impact (I:N), and high availability impact (A:H).
An authenticated user with low privileges can exploit this vulnerability remotely over the network, requiring minimal complexity and no user interaction on the target. Exploitation leads primarily to a denial-of-service, severely disrupting availability, alongside limited confidentiality exposure but without affecting integrity.
The Zoom security bulletin ZSB-25009, available at https://www.zoom.com/en/trust/security-bulletin/zsb-25009/, addresses this issue, with the vulnerability resolved in Zoom Workplace Apps for iOS version 6.3.0 and later.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-7354
Vulnerability details
Incorrect behavior order in some Zoom Workplace Apps for iOS before version 6.3.0 may allow an authenticated user to conduct a denial of service via network access.
- CWE(s): CWE-696 (Incorrect Behavior Order)
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The vulnerability enables remote exploitation of the Zoom iOS app leading to denial-of-service via incorrect behavior order, directly mapping to application or system exploitation under endpoint DoS.
Mitigating Controls (NIST 800-53 r5)
- SI-2 (Flaw Remediation): directly mitigates CVE-2025-0150 by requiring timely remediation, i.e. updating the vulnerable Zoom Workplace iOS app to version 6.3.0 or later.
- SC-5 (Denial-of-service Protection): implements denial-of-service protections at network boundaries to counter the high availability impact of authenticated, network-based exploitation.
- Mobile device access controls and usage restrictions: establishes access controls and usage restrictions for mobile devices running vulnerable iOS apps, limiting the ability of low-privilege authenticated users to trigger the flaw via network access.