Zoom Workplace Clients - Inefficient Regular Expression Complexity

Bulletin: ZSB-25048
CVEID: CVE-2025-62484
CVSS Severity: High
CVSS Score: 8.1
CVSS Vector String: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

Description:

Inefficient regular expression complexity in certain Zoom Workplace Clients before version 6.5.10 may allow an unauthenticated user to conduct an escalation of privilege via network access.

Users can help keep themselves secure by applying the latest updates available at https://zoom.us/download.

Affected Products:

Zoom Workplace for iOS before version 6.5.10
Zoom Workplace for Android before version 6.5.10
Zoom Meeting SDK for iOS before version 6.5.10
Zoom Meeting SDK for Android before version 6.5.10

Source:

Reported by shmoul.

Revision	Date	Description
1.0	11/11/2025	Initial publication.

Zoom Workplace Clients - Inefficient Regular Expression Complexity

Subscribe for updates