Zoom Clients for macOS - Improper Authentication

Bulletin: ZSB-25027
CVEID: CVE-2025-49464
CVSS Severity: Medium
CVSS Score: 6.5
CVSS Vector String: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Description:

Improper authentication in certain Zoom Clients for macOS before version 6.4.5 may allow an unauthenticated user to conduct an impact to application integrity via network access.

Users can help keep themselves secure by applying the latest updates available at https://zoom.us/download.

Affected Products:

Zoom Workplace for macOS before version 6.4.5
Zoom Meeting SDK for macOS before version 6.4.5
Zoom Rooms for macOS before version 6.4.5
Zoom Rooms Controller for macOS before version 6.4.5

Source:

Reported by Zoom Offensive Security.

Revision	Date	Description
1.0	07/08/2025	Initial publication.

Zoom Clients for macOS - Improper Authentication

Subscribe for updates