Zoom Rooms Clients - Authentication Bypass

Bulletin: ZSB-25039
CVEID: CVE-2025-58133
CVSS Severity: Medium
CVSS Score: 5.3
CVSS Vector String: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N

Description:

Authentication bypass in some Zoom Rooms Clients before version 6.5.1 may allow an unauthenticated user to conduct a disclosure of information via network access.

Users can help keep themselves secure by applying the latest updates available at https://zoom.us/download.

Affected Products:

Zoom Rooms for Windows before version 6.5.1
Zoom Rooms for macOS before version 6.5.1
Zoom Rooms for Android before version 6.5.1
Zoom Rooms for iOS before version 6.5.1
Zoom Rooms for iPad before version 6.5.1

Source:

Reported by Zoom Offensive Security.

Revision	Date	Description
1.0	10/14/2025	Initial publication.

Zoom Rooms Clients - Authentication Bypass

Subscribe for updates