Improper Authorization in Zoom Workplace for Android by Zoom
CVE-2025-64741

8.1HIGH

Key Information:

Vendor: Zoom
Status: Zoom Workplace For Android
Vendor: CVE Published:; 13 November 2025

What is CVE-2025-64741?

An improper authorization flaw has been identified in Zoom Workplace for Android that can allow unauthenticated users to escalate their privileges through network access. This vulnerability affects versions prior to 6.5.10 and poses a significant risk by enabling potential unauthorized actions within the application. Users are advised to update to the latest version to mitigate this risk.

Affected Version(s)

Zoom Workplace for Android Android 0 < 6.5.10

References

https://www.zoom.com/en/trust/security-bulletin/zsb-25043

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 13, 2025
Vulnerability Reserved
Nov 10, 2025

JSON