Zoom Workplace VDI Client for Windows
by Zoom Video Communications, Inc.
CVEs (6)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-49459 | Hig | 0.51 | 7.8 | 0.00 | Sep 9, 2025 | Missing authorization in the installer for Zoom Workplace for Windows on ARM before version 6.5.0 may allow an authenticated user to conduct an escalation of privilege via local access. | ||
| CVE-2025-64740 | 0.00 | — | 0.00 | Nov 13, 2025 | Improper verification of cryptographic signature in the installer for Zoom Workplace VDI Client for Windows may allow an authenticated user to conduct an escalation of privilege via local access. | |||
| CVE-2025-49457 | 0.00 | — | 0.01 | Aug 12, 2025 | Untrusted search path in certain Zoom Clients for Windows may allow an unauthenticated user to conduct an escalation of privilege via network access | |||
| CVE-2025-49456 | 0.00 | — | 0.00 | Aug 12, 2025 | Race condition in the installer for certain Zoom Clients for Windows may allow an unauthenticated user to impact application integrity via local access. | |||
| CVE-2024-24691 | 0.00 | — | 0.02 | Feb 14, 2024 | Improper input validation in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows may allow an unauthenticated user to conduct an escalation of privilege via network access. | |||
| CVE-2024-24695 | 0.00 | — | 0.01 | Feb 13, 2024 | Improper input validation in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows may allow an authenticated user to conduct a disclosure of information via network access. |
- risk 0.51cvss 7.8epss 0.00
Missing authorization in the installer for Zoom Workplace for Windows on ARM before version 6.5.0 may allow an authenticated user to conduct an escalation of privilege via local access.
- CVE-2025-64740Nov 13, 2025risk 0.00cvss —epss 0.00
Improper verification of cryptographic signature in the installer for Zoom Workplace VDI Client for Windows may allow an authenticated user to conduct an escalation of privilege via local access.
- CVE-2025-49457Aug 12, 2025risk 0.00cvss —epss 0.01
Untrusted search path in certain Zoom Clients for Windows may allow an unauthenticated user to conduct an escalation of privilege via network access
- CVE-2025-49456Aug 12, 2025risk 0.00cvss —epss 0.00
Race condition in the installer for certain Zoom Clients for Windows may allow an unauthenticated user to impact application integrity via local access.
- CVE-2024-24691Feb 14, 2024risk 0.00cvss —epss 0.02
Improper input validation in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows may allow an unauthenticated user to conduct an escalation of privilege via network access.
- CVE-2024-24695Feb 13, 2024risk 0.00cvss —epss 0.01
Improper input validation in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows may allow an authenticated user to conduct a disclosure of information via network access.