Zoom Clients for macOS - Improper Authentication

  • ZSB-25027
  • CVE-2025-49464
  • Medium
  • 6.5
  • CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Improper authentication in certain Zoom Clients for macOS before version 6.4.5 may allow an unauthenticated user to conduct an impact to application integrity via network access.

 

Users can help keep themselves secure by applying the latest updates available at https://zoom.us/download.  

  • Zoom Workplace for macOS before version 6.4.5
  • Zoom Meeting SDK for macOS before version 6.4.5
  • Zoom Rooms for macOS before version 6.4.5
  • Zoom Rooms Controller for macOS before version 6.4.5

Reported by Zoom Offensive Security.

Revision Date Description
1.0 07/08/2025

Initial publication.