Zoom has disclosed a critical vulnerability affecting multiple Windows-based clients, potentially allowing attackers to escalate privileges and compromise user systems.
Designated as CVE-2025-49457 under bulletin ZSB-25030, this flaw carries a CVSS score of 9.6, classifying it as critical due to its high impact on confidentiality, integrity, and availability.
The vulnerability stems from an untrusted search path in certain Zoom Clients for Windows. This issue enables an unauthenticated attacker to exploit the flaw over a network, requiring only user interaction such as clicking a malicious link or opening a tainted file.
The CVSS vector string, CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H, highlights the ease of attack: no privileges are needed, complexity is low, and it can change the scope of impact, leading to high risks of data theft, system tampering, or complete takeover.
Affected products include Zoom Workplace for Windows before version 6.3.10, Zoom Workplace VDI for Windows before 6.3.10 (excluding versions 6.1.16 and 6.2.12), Zoom Rooms for Windows before 6.3.10, Zoom Rooms Controller for Windows before 6.3.10, and Zoom Meeting SDK for Windows before 6.3.10. Users running these outdated versions are urged to update immediately to mitigate risks.
Zoom Clients for Windows Vulnerability
Discovered and reported by Zoom’s Offensive Security team, this vulnerability underscores ongoing challenges in software security, particularly with path-handling mechanisms in Windows environments.
Untrusted search paths occur when applications load files from insecure directories, allowing malicious actors to inject harmful DLLs or executables.
In Zoom’s case, this could enable privilege escalation, where an attacker gains elevated access, potentially installing malware, accessing sensitive data, or disrupting services.
The implications are severe for Zoom’s vast user base, which includes businesses, educators, and individuals relying on the platform for virtual meetings.
With remote work still prevalent in 2025, such flaws could lead to widespread breaches, eroding trust in video conferencing tools. Experts note that similar vulnerabilities have plagued software in the past, often exploited in supply chain attacks or phishing campaigns.
Zoom has responded swiftly, advising users to download the latest updates from its official site. “Applying these patches is crucial for maintaining security,” a Zoom spokesperson stated. Additional protective measures include enabling automatic updates, using antivirus software, and avoiding suspicious links.
This incident highlights the importance of proactive security practices. As cyber threats evolve, regular updates and vigilance remain key defenses against exploitation. Organizations should review their Zoom deployments and educate users on safe practices to prevent potential incidents.
Boost your SOC and help your team protect your business with free top-notch threat intelligence: Request TI Lookup Premium Trial.
Source: cybersecuritynews.com
