Zoom Workplace Apps Vulnerabilities

Zoom Video Communications disclosed multiple vulnerabilities affecting its Workplace Apps across various platforms, including Windows, macOS, Linux, iOS, and Android. 

These vulnerabilities pose risks ranging from local privilege escalation to denial of service (DoS) and disclosure of process memory, giving an attacker with a foothold on a user's machine, or on the same meeting, a way to compromise that system or read data it should not expose.

Multiple Vulnerabilities Impact Zoom Workplace Apps

Zoom’s latest security bulletins detail a series of medium- to high-severity flaws impacting Zoom Workplace Apps.


Among the most serious is a time-of-check time-of-use (TOCTOU) vulnerability (CVE-2025-30663).

The flaw is a race condition in Zoom Workplace applications. Zoom rates it High severity with a CVSS 4.0 base score of 5.9 (a score that falls in the Medium band of the CVSS 4.0 qualitative scale). It allows a local user to exploit the window between the moment the application verifies a resource and the moment it actually uses it: if the resource can be swapped in that window, the check passes for one object and the privileged operation is performed on another.

Attackers who successfully exploit this vulnerability can gain unauthorized access to sensitive information and escalate privileges on the targeted system.

Exploitation requires an authenticated local user on the machine rather than a remote attacker, which limits who can attempt it, but on shared or enterprise-managed systems a local escalation path of this kind is exactly what an intruder uses to move from a user account to a privileged one.
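To make the check-then-use window concrete, here is an added example in C. It is not Zoom's code and does not describe how the Zoom client is implemented; it shows the generic pattern behind a TOCTOU bug and the pattern that closes it. A reader that validates a path with lstat() and then opens it by name is placed beside a reader that opens first with O_NOFOLLOW and validates the descriptor it actually holds with fstat(). The file names, the throwaway directory under /tmp and the "secret" contents are constructed for the demonstration, and the attacker's symlink swap is run in line between the check and the use, rather than on a competing thread, so that the race resolves deterministically.

```c
#define _XOPEN_SOURCE 700   /* mkdtemp, symlink, O_NOFOLLOW, O_CLOEXEC */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

#define SECRET_DATA "secret-data"   /* constructed sample content */

/* Check-then-use (the TOCTOU pattern). The privileged component validates the
 * path by name and later opens it by name; between the two calls nothing stops
 * a local user who controls the directory from replacing the path. */
static int check_is_regular_file(const char *path) {
    struct stat st;
    return lstat(path, &st) == 0 && S_ISREG(st.st_mode);
}

/* Open-then-check: open without following symlinks, then inspect the descriptor
 * actually held. Check and use refer to the same object, so there is no window.
 * Returns the fd, or -1 with errno set when the file is refused. */
int open_regular_file_safe(const char *path, uid_t expected_owner) {
    int fd = open(path, O_RDONLY | O_NOFOLLOW | O_CLOEXEC);  /* ELOOP on symlink */
    if (fd < 0) return -1;
    struct stat st;
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) || st.st_uid != expected_owner
        || (st.st_mode & (S_IWGRP | S_IWOTH)) != 0) {
        close(fd);
        errno = EPERM;
        return -1;
    }
    return fd;
}

/* The attacker's move: atomically replace 'victim' with a symlink to 'target'. */
static int swap_for_symlink(const char *victim, const char *target) {
    char tmp[4096];
    snprintf(tmp, sizeof tmp, "%s.swap", victim);
    return (symlink(target, tmp) == 0 && rename(tmp, victim) == 0) ? 0 : -1;
}

static int read_matches(int fd, const char *expected) {
    char buf[64] = {0};
    ssize_t n = read(fd, buf, sizeof buf - 1);
    return n > 0 && strcmp(buf, expected) == 0;
}

/* Deterministic simulation of the race. Returns 1 when the racy reader is
 * redirected to the secret and the hardened reader refuses the swapped path,
 * 0 otherwise, -1 if the constructed setup under /tmp could not be created. */
int simulate_toctou(void) {
    char dir[] = "/tmp/toctou-XXXXXX";
    if (mkdtemp(dir) == NULL) return -1;
    char secret[4096], victim[4096];
    snprintf(secret, sizeof secret, "%s/secret", dir);
    snprintf(victim, sizeof victim, "%s/victim", dir);

    /* Constructed setup: a file the reader must not reach, and a harmless one. */
    int fd = open(secret, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (fd < 0 || write(fd, SECRET_DATA, strlen(SECRET_DATA)) < 0) return -1;
    close(fd);
    fd = open(victim, O_WRONLY | O_CREAT | O_EXCL, 0644);
    if (fd < 0 || write(fd, "harmless", 8) < 0) return -1;
    close(fd);

    int leaked = 0;
    if (check_is_regular_file(victim)) {                      /* time of check */
        if (swap_for_symlink(victim, secret) != 0) return -1; /* attacker wins */
        fd = open(victim, O_RDONLY);                          /* time of use */
        if (fd >= 0) { leaked = read_matches(fd, SECRET_DATA); close(fd); }
    }
    int refused = open_regular_file_safe(victim, getuid()) < 0 && errno == ELOOP;

    unlink(victim); unlink(secret); rmdir(dir);               /* cleanup */
    return leaked && refused;
}

int main(void) {
    printf("racy reader leaked and hardened reader refused: %s\n",
           simulate_toctou() == 1 ? "yes" : "no");
    return 0;
}
```

Compile and run on Linux or macOS. The hardened reader returns -1 with errno set to ELOOP because open() refuses to follow the link, and the owner and world-writable checks on the descriptor cover the variants a symlink check alone misses, such as a hard link to someone else's file.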

Other notable vulnerabilities include multiple NULL pointer dereference bugs (CVE-2025-30665, CVE-2025-30666, CVE-2025-30667, CVE-2025-30668).

These bugs crash the affected Zoom Workplace process, giving an attacker a denial of service (DoS) against a client. A NULL pointer dereference on current desktop and mobile platforms, where the zero page is unmapped, is not normally a route to arbitrary code execution, so the practical impact is availability rather than control of the machine.

Zoom Workplace Vulnerabilities

CVE ID         | Affected Products                   | Description
CVE-2025-46785 | Zoom Workplace Apps for Windows     | Buffer over-read that can expose adjacent memory contents or crash the application.
CVE-2025-30668 | Zoom Workplace Apps for Windows     | NULL pointer dereference causing an application crash (DoS).
CVE-2025-30667 | Zoom Workplace Apps (all platforms) | NULL pointer dereference leading to denial of service (DoS).
CVE-2025-30665 | Zoom Workplace Apps for Windows     | NULL pointer dereference in Windows-specific components, causing a crash (DoS).
CVE-2025-30666 | Zoom Workplace Apps for Windows     | A further NULL pointer dereference in Windows clients, similar to CVE-2025-30665.
CVE-2025-30664 | Zoom Workplace Apps (all platforms) | Improper neutralization of special elements (input sanitization), allowing injected input to bypass security controls.
CVE-2025-30663 | Zoom Workplace Apps (all platforms) | Time-of-check to time-of-use (TOCTOU) race condition enabling local privilege escalation (rated High).

Improper neutralization of special elements (CVE-2025-30664) means the application passes user-controlled data on without neutralizing the characters that carry special meaning in the context where that data ends up, so an attacker can inject elements that bypass the security controls built around it.

A buffer over-read in Zoom Workplace Apps for Windows (CVE-2025-46785) reads past the end of the data that actually arrived, so whatever sits next to it in memory can be returned to an attacker or, if the read runs into unmapped memory, crash the application.
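As an added illustration, not Zoom's code and not the Zoom client's wire format, the following C shows how a parser that trusts a declared length reads past the bytes that actually arrived, beside a version that bounds the length by the received size and rejects a mismatch. The two-byte type/length header is a hypothetical format invented for the example; the receive buffer and its stale "SECRET" bytes are constructed inline, and the over-read is kept inside that buffer so the program is deterministic. In a real client the extra bytes are whatever happens to sit next to the message in memory.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define RECV_BUF_SIZE 32
#define RECEIVED_LEN  6   /* bytes of the current message that actually arrived */

/* Constructed receive buffer for a hypothetical format: [type][length][payload].
 * Only the first RECEIVED_LEN bytes belong to the message; the rest is stale
 * data from earlier use of the buffer, standing in for secrets that sit next
 * to the message in a real process. */
static const uint8_t recv_buf[RECV_BUF_SIZE] = {
    0x01, 0x10,                                   /* type 1, declared length 16 */
    'p', 'i', 'n', 'g',                           /* the 4 payload bytes sent */
    'S', 'E', 'C', 'R', 'E', 'T', '-', 'T', 'O', 'K', 'E', 'N',   /* stale */
    0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0                      /* stale */
};

/* Vulnerable: trusts the declared length and never consults 'received'. The
 * clamp protects 'out' from being overrun but does nothing about reading past
 * the bytes that arrived, so the caller is handed stale memory.
 * Returns the number of bytes copied. */
size_t copy_payload_unchecked(const uint8_t *buf, size_t received,
                              uint8_t *out, size_t out_cap) {
    (void)received;                               /* ignored: the bug */
    size_t declared = buf[1];
    if (declared > out_cap) declared = out_cap;
    memcpy(out, buf + 2, declared);               /* over-read: 16 > 4 real bytes */
    return declared;
}

/* Hardened: the declared length is bounded by what was actually received, and
 * a mismatch is rejected rather than clamped. Returns 0 on success, -1 on reject. */
int copy_payload_checked(const uint8_t *buf, size_t received,
                         uint8_t *out, size_t out_cap, size_t *out_len) {
    if (received < 2) return -1;                  /* header incomplete */
    size_t declared = buf[1];
    if (declared > received - 2) return -1;       /* claims more than arrived */
    if (declared > out_cap) return -1;            /* would overrun 'out' */
    memcpy(out, buf + 2, declared);
    *out_len = declared;
    return 0;
}

/* Runs both parsers on the constructed buffer. Returns 1 when the unchecked
 * parser leaks the stale "SECRET" bytes and the checked parser rejects the
 * message, 0 otherwise. */
int demo_overread(void) {
    uint8_t out[RECV_BUF_SIZE + 1] = {0};
    size_t n = copy_payload_unchecked(recv_buf, RECEIVED_LEN, out, RECV_BUF_SIZE);
    int leaked = (n == 16) && memcmp(out + 4, "SECRET", 6) == 0;

    size_t got = 0;
    memset(out, 0, sizeof out);
    int rejected = copy_payload_checked(recv_buf, RECEIVED_LEN, out,
                                        RECV_BUF_SIZE, &got) == -1;
    return leaked && rejected;
}

/* The checked parser still accepts a message whose declared length matches what
 * arrived (constructed 6-byte message). Returns 1 on the expected result. */
int demo_checked_accepts_valid(void) {
    const uint8_t msg[] = { 0x01, 0x04, 'p', 'i', 'n', 'g' };
    uint8_t out[8] = {0};
    size_t got = 0;
    return copy_payload_checked(msg, sizeof msg, out, sizeof out, &got) == 0
        && got == 4 && memcmp(out, "ping", 4) == 0;
}
```

The point of the hardened version is the order of the comparisons: the declared length is checked against the bytes that arrived before it is checked against the output buffer, and a bad length is an error, not something to clamp. Clamping to the output size is what makes the unchecked version look safe while still leaking memory.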

The vulnerabilities affect numerous Zoom products across multiple platforms, including:

  • Zoom Workplace Desktop App for Windows (versions before 6.4.0 62047)
  • Zoom Workplace Desktop App for macOS (versions before 6.3.11 50104)
  • Zoom Workplace Desktop App for Linux (versions before 6.3.11 7212)
  • Virtual Desktop Infrastructure (VDI) (versions 6.1.0 – 6.2.12.25780)
  • Zoom Rooms Controllers and Clients
  • Zoom Meeting SDK across Windows, macOS, Linux, iOS, and Android platforms

Mitigations

Zoom has not provided detailed guidance on vulnerability impacts to individual customers, but strongly recommends updating to the latest software versions to receive all security improvements.

The company stated in its security bulletin, “We recommend users update to the latest version of Zoom software to get the latest fixes and security improvements.”

Security experts advise organizations to implement these patches promptly, especially in enterprise environments where privilege escalation vulnerabilities pose significant risks to network integrity and data confidentiality.

Users can download the latest Zoom updates from the company’s official download page or enable automatic updates through application settings to ensure continued protection against emerging threats.


Guru Baran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.