Zoom Products Multiple Vulnerabilities

Release Date: 10 Sep 2025

RISK: Medium Risk

TYPE: Clients - Productivity Products

Multiple vulnerabilities were identified in Zoom Products. A remote attacker could exploit these vulnerabilities to trigger sensitive information disclosure, data manipulation, elevation of privilege and denial of service condition on the targeted system.

---

Impact

• Denial of Service
• Elevation of Privilege
• Information Disclosure
• Data Manipulation

---

System / Technologies affected

• Zoom Meeting SDK for Android before version 6.5.0
• Zoom Meeting SDK for Linux before version 6.5.0
• Zoom Meeting SDK for macOS before version 6.5.0
• Zoom Meeting SDK for Windows before version 6.5.0
• Zoom Rooms Client for Android before version 6.5.0
• Zoom Rooms Client for iPad before version 6.5.0
• Zoom Rooms Client for macOS before version 6.5.0
• Zoom Rooms Client for Windows before version 6.5.0
• Zoom Rooms Controller for Android before version 6.5.0
• Zoom Rooms Controller for Linux before version 6.5.0
• Zoom Rooms Controller for macOS before version 6.5.0
• Zoom Rooms Controller for Windows before version 6.5.0
• Zoom Rooms for iOS before version 6.5.0
• Zoom Rooms for macOS before version 6.5.0
• Zoom Rooms for Windows before version 6.5.0
• Zoom Workplace App for iOS before version 6.5.0
• Zoom Workplace Desktop for Linux before version 6.5.0
• Zoom Workplace Desktop for macOS before version 6.5.0
• Zoom Workplace Desktop for Windows before version 6.5.0
• Zoom Workplace for Linux before version 6.5.0
• Zoom Workplace for macOS before version 6.5.0
• Zoom Workplace for Windows before version 6.5.0
• Zoom Workplace for Windows on ARM before version 6.5.0
• Zoom Workplace VDI Client for Windows before version 6.3.14 and 6.4.12 in their respective tracks.
• Zoom Workplace VDI Plugin macOS Universal installer for VMware Horizon before version 6.4.10 (or before 6.2.15 and 6.3.12 in their respective tracks)

---

Solutions

Before installation of the software, please visit the vendor web-site for more details.

Apply fixes issued by the vendor:

 

• https://www.zoom.com/en/trust/security-bulletin/zsb-25031/
• https://www.zoom.com/en/trust/security-bulletin/zsb-25032/
• https://www.zoom.com/en/trust/security-bulletin/zsb-25034/
• https://www.zoom.com/en/trust/security-bulletin/zsb-25035/
• https://www.zoom.com/en/trust/security-bulletin/zsb-25036/
• https://www.zoom.com/en/trust/security-bulletin/zsb-25037/
• https://www.zoom.com/en/trust/security-bulletin/zsb-25033/

---

Vulnerability Identifier

• CVE-2025-49458
• CVE-2025-49459
• CVE-2025-49460
• CVE-2025-49461
• CVE-2025-58131
• CVE-2025-58134
• CVE-2025-58135

---

Source

• Zoom

---

Related Link

• https://www.zoom.com/en/trust/security-bulletin/zsb-25031/
• https://www.zoom.com/en/trust/security-bulletin/zsb-25032/
• https://www.zoom.com/en/trust/security-bulletin/zsb-25034/
• https://www.zoom.com/en/trust/security-bulletin/zsb-25035/
• https://www.zoom.com/en/trust/security-bulletin/zsb-25036/
• https://www.zoom.com/en/trust/security-bulletin/zsb-25037/
• https://www.zoom.com/en/trust/security-bulletin/zsb-25033/