Primary

Context

Zoom Workplace VDI Plugin macOS Universal Installer Symlink Following Information Disclosure Vulnerability

Vulnerability

A symlink following vulnerability has been identified in the Zoom Workplace VDI Plugin macOS Universal installer, affecting versions prior to 6.3.14, 6.4.14, and 6.5.10 in their respective tracks. This vulnerability may allow an authenticated user to disclose information via network access.

Impact

Exploitation of this vulnerability could lead to unauthorized information disclosure.

Remediation

Users are advised to update to the latest version of the Zoom Workplace VDI Plugin for macOS. The latest version can be downloaded from the Zoom Download Center.

Added: Nov 13, 2025, 3:16 PM

Updated: Nov 13, 2025, 3:16 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

3.3

remediation

7.7

relevance

1.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

3.3

remediation

7.7

relevance

1.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Zoom Workplace VDI Plugin macOS Universal Installer Symlink Following Information Disclosure Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating