← back
CVE-2025-30662

Zoom Workplace VDI Plugin macOS Universal Installer - Symlink Following

CVSS 6.6 MEDIUMEPSS 0.1%CWE-646
Symlink following in the installer for the Zoom Workplace VDI Plugin macOS Universal installer before version 6.3.14, 6.4.14, and 6.5.10 in their respective tracks may allow an authenticated user to conduct a disclosure of information via network access.
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
Affected products
Zoom Communications Inc. · Zoom Workplace VDI Plugin macOS Universal installer

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.zoom.com/en/trust/security-bulletin/zsb-25045