Zoom has patched a critical security flaw (CVE-2025-49457) affecting Windows clients that could allow unauthenticated privilege escalation. Due to its widespread use, vulnerabilities in Zoom pose a significant threat to personal and business data security. #CVE-2025-49457 #ZoomVulnerability
Key points
- A critical security flaw was identified in Zoom Clients for Windows, with a CVSS score of 9.6.
- The vulnerability enables unauthenticated users to escalate privileges via network access.
- The affected products include multiple versions of Zoom Workplace, Rooms, Rooms Controller, and Meeting SDK for Windows before version 6.3.10.
- Zoom vulnerabilities can allow attackers to install malware, steal files, or gain deeper access to corporate networks.
- The platform's wide usage makes it a high-value target for threat actors seeking access to sensitive information.