A critical security vulnerability has recently been discovered in certain versions of Zoom Clients for Windows that could expose users to cybersecurity risks, including privilege escalation via network access.
The flaw, identified as /CVE-2025-49457, has been classified with a CVSS score of 9.6, signaling its high severity. The vulnerability could allow unauthenticated attackers to exploit a weak search path issue within the Zoom application, enabling them to escalate privileges without requiring user interaction.
This issue affects Zoom Workplace for Windows, Zoom Rooms, Zoom Rooms Controller, and Zoom Meeting SDK for Windows, all versions before 6.3.10. However, users of versions 6.1.16 and 6.2.12 are not impacted, despite being part of the broader vulnerable product set.
The flaw was first reported by Zoom Offensive Security and has now been acknowledged by the company, with updates already made available.
How does the CVE-2025-49457 Vulnerability work?
The core of the CVE-2025-49457 vulnerability lies in an untrusted search path within certain Zoom products. An untrusted search path is a security issue where an application looks for critical files or libraries in locations that may be vulnerable to manipulation.
If exploited, this flaw could allow attackers to manipulate the search path in a way that triggers privilege escalation, providing them with unauthorized access to higher system permissions. The risk is threatening because it does not require authentication, making it especially dangerous in networked environments.
The vulnerability is categorized as critical because it could lead to cybersecurity breaches. Zoom Clients running on Windows systems before version 6.3.10 are at immediate risk, and Zoom has urged users to upgrade to the latest versions of the software to mitigate potential threats.
Affected Versions and Recommended Action
The following versions of Zoom Clients for Windows are vulnerable to CVE-2025-49457:
- Zoom Workplace for Windows before version 6.3.10
- Zoom Workplace VDI for Windows before version 6.3.10 (except 6.1.16 and 6.2.12)
- Zoom Rooms for Windows before version 6.3.10
- Zoom Rooms Controller for Windows before version 6.3.10
- Zoom Meeting SDK for Windows before version 6.3.10
Users who are running any of the affected versions are strongly advised to immediately update to the latest version available. Zoom’s latest release, version 6.3.10, addresses this vulnerability and is available for download on the company’s website.
The Broader Context of Zoom Vulnerabilities
This latest issue is part of a broader trend of Zoom vulnerabilities being uncovered in recent years. Zoom has faced increasing scrutiny due to its rapid growth during the global shift to remote work. As the software gained millions of new users, security flaws became more apparent.
Other known vulnerabilities in Zoom have included cross-site scripting (XSS) flaws, authentication bypass vulnerabilities, and buffer overflow issues.
Conclusion
Timely patching is crucial for protecting systems against vulnerabilities like CVE-2025-49457. Unpatched software, especially in enterprise environments where Zoom is widely used, presents a cybersecurity risk for attackers.
This latest flaw highlights the need for organizations and users to prioritize regular updates to prevent exploitation. Without timely patches, even trusted applications like Zoom can be compromised. Staying up to date with security fixes is the best defense against Zoom vulnerabilities, ensuring a secure digital environment.
