Primary

Context

Zoom Workplace Apps Untrusted Search Path Vulnerability Allowing Privilege Escalation on Windows

Vulnerability

Patched

A vulnerability exists in the installer for certain Zoom Workplace Apps on Windows, where an untrusted search path may enable an authorized user to escalate privileges through local access. This issue affects several different versions and/or ranges of the Zoom Workplace App, VDI Client, Zoom Rooms Client, Zoom Rooms Controller, and the Zoom Meeting and Video SDKs for Windows.

Impact

Exploitation of this vulnerability could lead to unauthorized privilege escalation.

Remediation

Users are advised to update to the latest versions of the Zoom Workplace App, Zoom Workplace VDI Client, Zoom Rooms Client, Zoom Rooms Controller, and the Zoom Meeting or Video SDK for Windows. The latest updates can be downloaded from the Zoom Download Center.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

2.5

exploitability

3.3

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

2.5

exploitability

3.3

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Zoom Workplace Apps Untrusted Search Path Vulnerability Allowing Privilege Escalation on Windows

Vulnerability

Impact

Remediation

Affected Products

Zoom Workplace App

Zoom Rooms Client

Zoom Rooms Controller

Zoom Meeting SDK

Zoom Video SDK

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating