Zoom Clients for iOS - Insufficient Control Flow Management

  • ZSB-25026
  • CVE-2025-49463
  • Medium
  • 6.5
  • CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Insufficient control flow management in certain Zoom Clients for iOS before version 6.4.5 may allow an unauthenticated user to conduct a disclosure of information via network access.

 

Users can help keep themselves secure by applying the latest updates available at https://zoom.us/download.  

  • Zoom Workplace for iOS before version 6.4.5
  • Zoom Meeting SDK for iOS before version 6.4.5
  • Zoom Rooms for iOS before version 6.4.5
  • Zoom Rooms Controller for iOS before version 6.4.5

Reported by Zoom Offensive Security.

Revision Date Description
1.0 07/08/2025

Initial publication.