Escalation of Privilege Vulnerability in Zoom Workplace Apps
CVE-2025-30664

6.6MEDIUM

Key Information:

Vendor: Zoom Communications, Inc
Status: Zoom Workplace Apps
Vendor: CVE Published:; 14 May 2025

🔔 Create Zoom Communications, Inc Vulnerability Alert

What is CVE-2025-30664?

An improper neutralization of special elements vulnerability exists in Zoom Workplace Apps, allowing an authenticated user to escalate privileges through local access. This issue could potentially lead to unauthorized actions within the application, making it essential for users to ensure they are operating on the latest secured versions. Review security advisories and apply necessary updates to mitigate this risk, as recommended by the vendor.

Affected Version(s)

Zoom Workplace Apps Windows see references

References

https://www.zoom.com/en/trust/security-bulletin/zsb-25017

CVSS V3.1

Score:

6.6

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 14, 2025
Vulnerability Reserved
Mar 24, 2025