A safety vulnerability has been found in Zoom Office’s VDI Consumer for Home windows that would enable attackers to escalate their privileges on affected programs.
The flaw, tracked as CVE-2025-64740 and assigned bulletin ZSB-25042, has been rated as Excessive severity with a CVSS rating of seven.5.
| Attribute | Particulars |
|---|---|
| CVE ID | CVE-2025-64740 |
| Bulletin ID | ZSB-25042 |
| Product | Zoom Office VDI Consumer for Home windows |
| Vulnerability Kind | Improper Verification of Cryptographic Signature |
| Assault Vector | Native |
| Severity | Excessive |
| CVSS Rating | 7.5 |
Understanding the Vulnerability
The weak point stems from improper verification of cryptographic signatures within the Zoom Office VDI Consumer installer.
In easier phrases, the installer doesn’t correctly confirm that set up recordsdata are respectable earlier than executing them.
This oversight creates a possibility for attackers who’ve already gained native entry to a system to escalate their permissions, shifting from an everyday person account to an administrator-level account.
This isn’t a distant assault the place hackers can infiltrate programs from the web. As an alternative, it requires an attacker already to have authentication and native entry to the goal machine.
Nonetheless, as soon as inside, they’ll exploit this flaw to realize full management, doubtlessly compromising delicate knowledge or putting in malware that impacts the whole group.
Safety researchers at Mandiant, a number one risk intelligence agency owned by Google, found and reported this vulnerability to Zoom.
Mandiant’s identification of this flaw highlights the significance of specialised safety analysis in defending enterprise software program.
Organizations utilizing Zoom Office VDI Consumer for Home windows are in danger in the event that they’re operating variations earlier than:
- Model 6.3.14
- Model 6.4.12
- Model 6.5.10
The vulnerability impacts all earlier variations throughout these respective tracks. VDI (Digital Desktop Infrastructure) environments are important in enterprise settings, making this discovery particularly necessary for organizations that depend on digital desktops for distant work and safe computing.
The CVSS rating of seven.5 displays the intense nature of this flaw. Whereas it requires the attacker to have already native system entry and person interplay to use, the potential impression is extreme.
A profitable assault may enable unauthorized privilege escalation, enabling attackers to execute arbitrary code with elevated permissions, entry restricted recordsdata, or compromise system integrity.
Zoom has launched patched variations addressing this vulnerability. Organizations ought to instantly replace their Zoom Office VDI Consumer installations to the newest out there variations.
Zoom customers can obtain and set up the newest safety updates from the official Zoom obtain heart.
For safety groups managing VDI environments, prioritizing this replace is important. The mixture of Mandiant’s discovery and Zoom’s fast patch launch demonstrates the significance of staying present with safety updates.
In case your group makes use of Zoom Office VDI Consumer for Home windows, deal with this replace as pressing. Whereas the vulnerability requires present system entry to use, the potential for privilege escalation makes it a major safety threat.
Replace instantly to the patched variations to remove this assault vector and preserve your safety posture.
Observe us on Google Information, LinkedIn, and X to Get Prompt Updates and Set GBH as a Most well-liked Supply in Google.
