Zoom Video Communications has disclosed several vulnerabilities impacting its Workplace Apps across multiple platforms, including Windows, macOS, Linux, iOS, and Android. These vulnerabilities pose significant risks such as privilege escalation, denial-of-service (DoS), and remote code execution, which could potentially compromise user systems and data integrity.
Overview of Zoom Workplace App Vulnerabilities
Zoom’s latest security bulletins outline a series of medium- to high-severity flaws affecting its Workplace Apps. Among the most critical vulnerabilities is a high-severity time-of-check to time-of-use (TOCTOU) race condition vulnerability, tracked as CVE-2025-30663.
This vulnerability stems from a race condition in the Zoom Workplace apps: a resource is verified in one step and used in a later, separate step, and a local user who can change the resource between those two steps can make the app act on something other than what it checked. The vulnerability has a CVSS 4.0 score of 5.9 and enables attackers to gain unauthorized access to sensitive information and escalate privileges. Exploiting this flaw requires local system access and authentication credentials, but it still poses significant risks, particularly in enterprise environments.
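To show what "verified in one step, used in another" means in practice, here is an added example written for this page (it is not Zoom's code and does not reproduce the specific flaw in CVE-2025-30663): a classic check-then-use file open beside the open-then-verify form that closes the race. The temp file and symlink it uses are constructed by the demo itself.

```c
/* Added example (not Zoom's code): the check-then-use pattern behind a
 * TOCTOU race, beside the open-then-verify pattern that closes it. */
#define _GNU_SOURCE
#include <fcntl.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Racy: access() (the check) and open() (the use) are separate calls, so the
 * path can be re-pointed between them and the object used is not the one
 * that was verified, e.g. via a symlink planted by another local user. */
int open_racy(const char *path) {
    if (access(path, R_OK) != 0)
        return -1;
    return open(path, O_RDONLY);
}

/* Hardened: open first, then verify the object actually opened through its
 * descriptor. O_NOFOLLOW rejects a symlink at the final path component and
 * fstat() inspects the opened inode instead of re-walking the path. */
int open_verified(const char *path, uid_t expected_owner) {
    int fd = open(path, O_RDONLY | O_NOFOLLOW | O_CLOEXEC);
    if (fd < 0) return -1;
    struct stat st;
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) || st.st_uid != expected_owner) {
        close(fd);
        return -1;
    }
    return fd;
}

/* Demonstration: a temp file plus a symlink to it (both constructed here).
 * Returns 1 when the racy opener accepts the symlink but the verified
 * opener refuses it, 0 otherwise, -1 on setup failure. */
int demo_symlink_rejected(void) {
    char file[] = "/tmp/toctou_demo_XXXXXX", link[64];
    int fd = mkstemp(file);
    if (fd < 0) return -1;
    close(fd);
    strcpy(link, file); strcat(link, ".link");
    if (symlink(file, link) != 0) { unlink(file); return -1; }
    int racy = open_racy(link), safe = open_verified(link, getuid());
    int result = (racy >= 0 && safe < 0);
    if (racy >= 0) close(racy);
    if (safe >= 0) close(safe);
    unlink(link); unlink(file);
    return result;
}
```

The same principle applies beyond files: whatever is checked (a handle, a descriptor, an object already in hand) should be the thing that is used, not a name that is looked up a second time.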
Other Key Vulnerabilities in Zoom Workplace Apps
Other vulnerabilities include multiple NULL pointer dereference bugs, identified as CVE-2025-30665, CVE-2025-30666, CVE-2025-30667, and CVE-2025-30668, which could cause application crashes or enable attackers to execute arbitrary code, leading to potential denial-of-service (DoS) attacks or remote code execution.
Detailed Vulnerability Breakdown
The following vulnerabilities affect Zoom Workplace Apps across various platforms:
| CVE ID | Affected Products | Description |
|---|---|---|
| CVE-2025-46785 | Zoom Workplace Apps for Windows | Buffer over-read vulnerability causing potential data exposure and crashes. |
| CVE-2025-30668 | Zoom Workplace Apps for Windows | NULL pointer dereference flaw leading to application crashes or potential code execution. |
| CVE-2025-30667 | Zoom Workplace Apps (all platforms) | NULL pointer dereference, leading to DoS or arbitrary code execution. |
| CVE-2025-30665 | Zoom Workplace Apps for Windows | NULL pointer dereference in Windows-specific components enabling crashes or privilege escalation. |
| CVE-2025-30666 | Zoom Workplace Apps for Windows | NULL pointer dereference flaw impacting Windows clients, similar to CVE-2025-30665. |
| CVE-2025-30664 | Zoom Workplace Apps (all platforms) | Improper input sanitization allowing malicious inputs to bypass security controls. |
| CVE-2025-30663 | Zoom Workplace Apps (all platforms) | TOCTOU race condition enabling privilege escalation. |
These vulnerabilities impact various Zoom products across multiple platforms, including:
- Zoom Workplace Desktop App for Windows (versions before 6.4.0 62047)
- Zoom Workplace Desktop App for macOS (versions before 6.3.11 50104)
- Zoom Workplace Desktop App for Linux (versions before 6.3.11 7212)
- Virtual Desktop Infrastructure (VDI) (versions 6.1.0 – 6.2.12.25780)
- Zoom Rooms Controllers and Clients
- Zoom Meeting SDK across Windows, macOS, Linux, iOS, and Android platforms
Mitigation and Recommendations
Zoom has not provided detailed guidance on the impact of these vulnerabilities on individual customers, but its official security bulletin strongly recommends updating to the latest version of Zoom software so that all fixes and security enhancements are applied.
Security experts strongly advise organizations to implement these patches promptly, especially in enterprise environments where privilege escalation vulnerabilities can severely affect network integrity and data confidentiality.
Users can download the latest Zoom updates from the company’s official download page or enable automatic updates in their application settings to stay protected against emerging threats.