CVE-2025-49459

Zoom Workplace for Windows on ARM - Missing Authorization

CVSS 7.8 HIGHEPSS 0.1%CWE-862

Missing authorization in the installer for Zoom Workplace for Windows on ARM before version 6.5.0 may allow an authenticated user to conduct an escalation of privilege via local access.

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Productos afectados

Zoom Communications, Inc · Zoom Workplace for Windows on ARM

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://www.zoom.com/en/trust/security-bulletin/ZSB-25032