Zoom Workplace VDI Client for Windows - Improper Verification of Cryptographic Signature

Bulletin: ZSB-25042
CVEID: CVE-2025-64740
CVSS Severity: High
CVSS Score: 7.5
CVSS Vector String: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H

Description:

Improper verification of cryptographic signature in the installer for Zoom Workplace VDI Client for Windows may allow an authenticated user to conduct an escalation of privilege via local access.

Users can help keep themselves secure by applying the latest updates available at https://zoom.us/download.

Affected Products:

Zoom Workplace VDI Client for Windows before versions 6.3.14, 6.4.12 and 6.5.10 in their respective tracks

Source:

Reported by Mandiant.

Revision	Date	Description
1.0	11/11/2025	Initial publication.

Zoom Workplace VDI Client for Windows - Improper Verification of Cryptographic Signature

Subscribe for updates