Critical Vulnerability in Zoom Workplace for Windows Allows Privilege Escalation
A significant security flaw has been identified in the Zoom Workplace VDI Client for Windows, potentially enabling attackers to gain elevated privileges on affected systems. This vulnerability, designated as CVE-2025-64740, has been assigned a high severity rating with a CVSS score of 7.5, as detailed in Zoom’s security bulletin ZSB-25042.
Nature of the Vulnerability
The core issue arises from improper verification of cryptographic signatures within the Zoom Workplace VDI Client for Windows installer. This lapse allows an authenticated user with local access to exploit the system, escalating their privileges. Such an escalation could lead to unauthorized command execution, access to sensitive data, and compromise of system integrity.
Affected Versions
The vulnerability impacts the following versions of the Zoom Workplace VDI Client for Windows:
– Versions prior to 6.3.14
– Versions prior to 6.4.12
– Versions prior to 6.5.10
Users operating these versions are at risk and should take immediate action to secure their systems.
Potential Impact
While exploiting this vulnerability requires local access and user interaction, the potential consequences are severe. An attacker who successfully exploits this flaw could gain administrative rights, bypass existing security controls, and potentially move laterally across networks, compromising additional resources. In enterprise environments where Zoom is extensively used for remote work and virtual desktop infrastructure, such a breach could have far-reaching implications.
Technical Details
The vulnerability stems from the installer’s failure to properly validate the authenticity of the software being installed. This oversight creates an opportunity for threat actors to manipulate the installation process, injecting malicious code that operates with elevated permissions. This type of privilege escalation is particularly concerning as it can lead to unauthorized access and control over critical systems.
Mitigation Measures
In response to this vulnerability, Zoom has released security updates to address the issue. Users are strongly advised to update their Zoom Workplace VDI Client for Windows to the latest versions immediately. The updated versions that address this vulnerability are:
– Version 6.3.14
– Version 6.4.12
– Version 6.5.10
Organizations should prioritize patching to mitigate the risk of exploitation. The latest secure versions can be downloaded from Zoom’s official download page at zoom.us/download.
Recommendations for Users and Administrators
To ensure the security of systems and data, users and administrators should:
1. Update Immediately: Install the latest versions of the Zoom Workplace VDI Client for Windows as specified above.
2. Verify Installations: System administrators should confirm that all installations across their organization are updated to the secure versions.
3. Monitor Systems: Regularly monitor systems for any unusual activity that could indicate exploitation attempts.
4. Educate Users: Inform users about the importance of applying updates and recognizing potential security threats.
Conclusion
This disclosure underscores the critical importance of maintaining up-to-date software, especially for widely used communication platforms in enterprise settings. By promptly applying the recommended updates and adhering to best security practices, organizations can protect themselves against potential exploits stemming from this vulnerability.
