CVE-2025-49460

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-49460
Uncontrolled resource consumption in certain Zoom Workplace Clients may allow an unauthenticated user to conduct a denial of service via network access.

4.3 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact LOW

Scope UNCHANGED

References
Link Resource
https://www.zoom.com/en/trust/security-bulletin/ZSB-25033 Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:zoom:meeting_software_development_kit:*:*:*:*:*:android:*:*
cpe:2.3:a:zoom:meeting_software_development_kit:*:*:*:*:*:linux:*:*
cpe:2.3:a:zoom:meeting_software_development_kit:*:*:*:*:*:macos:*:*
cpe:2.3:a:zoom:meeting_software_development_kit:*:*:*:*:*:windows:*:*
cpe:2.3:a:zoom:rooms:*:*:*:*:*:android:*:*
cpe:2.3:a:zoom:rooms:*:*:*:*:*:ipad_os:*:*
cpe:2.3:a:zoom:rooms:*:*:*:*:*:macos:*:*
cpe:2.3:a:zoom:rooms:*:*:*:*:*:windows:*:*
cpe:2.3:a:zoom:rooms_controller:*:*:*:*:*:android:*:*
cpe:2.3:a:zoom:rooms_controller:*:*:*:*:*:linux:*:*
cpe:2.3:a:zoom:rooms_controller:*:*:*:*:*:macos:*:*
cpe:2.3:a:zoom:rooms_controller:*:*:*:*:*:windows:*:*
cpe:2.3:a:zoom:workplace:*:*:*:*:*:iphone_os:*:*
cpe:2.3:a:zoom:workplace_desktop:*:*:*:*:*:linux:*:*
cpe:2.3:a:zoom:workplace_desktop:*:*:*:*:*:macos:*:*
cpe:2.3:a:zoom:workplace_desktop:*:*:*:*:*:windows:*:*
cpe:2.3:a:zoom:workplace_virtual_desktop_infrastructure:*:*:*:*:*:windows:*:*
cpe:2.3:a:zoom:workplace_virtual_desktop_infrastructure:*:*:*:*:*:windows:*:*
History

17 Oct 2025, 19:42

Type Values Removed Values Added
First Time Zoom meeting Software Development Kit
Zoom rooms Controller
Zoom rooms
Zoom workplace Desktop
Zoom workplace Virtual Desktop Infrastructure
Zoom
Zoom workplace
References () https://www.zoom.com/en/trust/security-bulletin/ZSB-25033 - () https://www.zoom.com/en/trust/security-bulletin/ZSB-25033 - Vendor Advisory
CPE cpe:2.3:a:zoom:rooms_controller:*:*:*:*:*:macos:*:*
cpe:2.3:a:zoom:rooms_controller:*:*:*:*:*:windows:*:*
cpe:2.3:a:zoom:meeting_software_development_kit:*:*:*:*:*:windows:*:*
cpe:2.3:a:zoom:meeting_software_development_kit:*:*:*:*:*:android:*:*
cpe:2.3:a:zoom:workplace_desktop:*:*:*:*:*:macos:*:*
cpe:2.3:a:zoom:workplace:*:*:*:*:*:iphone_os:*:*
cpe:2.3:a:zoom:rooms:*:*:*:*:*:macos:*:*
cpe:2.3:a:zoom:workplace_desktop:*:*:*:*:*:windows:*:*
cpe:2.3:a:zoom:meeting_software_development_kit:*:*:*:*:*:macos:*:*
cpe:2.3:a:zoom:rooms_controller:*:*:*:*:*:android:*:*
cpe:2.3:a:zoom:rooms:*:*:*:*:*:android:*:*
cpe:2.3:a:zoom:meeting_software_development_kit:*:*:*:*:*:linux:*:*
cpe:2.3:a:zoom:rooms_controller:*:*:*:*:*:linux:*:*
cpe:2.3:a:zoom:workplace_virtual_desktop_infrastructure:*:*:*:*:*:windows:*:*
cpe:2.3:a:zoom:workplace_desktop:*:*:*:*:*:linux:*:*
cpe:2.3:a:zoom:rooms:*:*:*:*:*:ipad_os:*:*
cpe:2.3:a:zoom:rooms:*:*:*:*:*:windows:*:*

09 Sep 2025, 22:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-09-09 22:15

Updated : 2025-10-17 19:42

NVD link : CVE-2025-49460

Mitre link : CVE-2025-49460

CVE.ORG link : CVE-2025-49460

JSON object : View

Products Affected

zoom

  • workplace_virtual_desktop_infrastructure
  • workplace_desktop
  • workplace
  • meeting_software_development_kit
  • rooms
  • rooms_controller
CWE
CWE-400

Uncontrolled Resource Consumption