Improper Neutralization Vulnerability in Zoom Workplace Apps
CVE-2025-46786

4.3MEDIUM

Key Information:

Vendor: Zoom Communications, Inc
Status: Zoom Workplace Apps
Vendor: CVE Published:; 14 May 2025

🔔 Create Zoom Communications, Inc Vulnerability Alert

What is CVE-2025-46786?

A vulnerability exists in Zoom Workplace Apps that improperly neutralizes special elements, potentially allowing an authenticated user to exploit app integrity issues through network access. This could result in unauthorized modifications or actions within the application, posing significant risks to sensitive data and operational security.

Affected Version(s)

Zoom Workplace Apps Windows see references

References

https://www.zoom.com/en/trust/security-bulletin/zsb-25022

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 14, 2025
Vulnerability Reserved
Apr 29, 2025