CVE-2025-27443 | THREATINT

Description

Insecure default variable initialization in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a loss of integrity via local access.

PUBLISHED Reserved 2025-02-25 | Published 2025-04-08 | Updated 2025-04-08 | Assigner Zoom

LOW: 2.8CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

Problem types

CWE-1188 Insecure Default Initialization of Resource

Product status

Default status

unaffected

See references. (custom)

affected

References

www.zoom.com/en/trust/security-bulletin/zsb-25014

cve.org (CVE-2025-27443)

nvd.nist.gov (CVE-2025-27443)

Download JSON