PT-2025-32954 · Zoom Video Communications · Zoom Clients For Windows

Published

2025-08-12

Updated

2025-08-14

CVE-2025-49457

Report an issue

CVSS v3.1

9.6

Vector

AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

**Name of the Vulnerable Software and Affected Versions:**

Zoom versions prior to 6.3.10

**Description:**

An untrusted search path vulnerability exists in certain Zoom Clients for Windows, potentially allowing an unauthenticated user to escalate privileges through network access. This flaw could lead to malware installation and data theft.

**Recommendations:**

Zoom versions prior to 6.3.10: Update to version 6.3.10 or later.

Fix

RCE

LPE

Untrusted Search Path

Weakness Enumeration

CWE-426

Related Identifiers

CVE-2025-49457

Affected Products

Zoom Clients For Windows

PT-2025-32954 · Zoom Video Communications · Zoom Clients For Windows

Weakness Enumeration

Related Identifiers

Affected Products

References · 21