Zoom Improper Certificate Validation Vulnerability Allowing Information Disclosure
Vulnerability
A vulnerability exists in certain Zoom Clients due to improper certificate validation. This issue may enable an unauthenticated user to disclose information through adjacent access. The vulnerability affects Zoom Workplace for Windows, Linux, and VDI Clients, as well as the Zoom Meeting SDK for Windows and Linux, all prior to version 6.5.10.
Impact
Exploitation of this vulnerability could lead to unauthorized information disclosure.
Remediation
Users are advised to update to the latest version of Zoom. The latest version can be downloaded from the Zoom Download Center.
Added: Nov 13, 2025, 3:28 PM
Updated: Nov 13, 2025, 3:28 PM
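The affected range above, applied to a software inventory: this is an added example, not code from Zoom or from this advisory. The row layout, the product labels (`workplace`, `vdi`, `meeting-sdk`), the host names and the version strings with build suffixes are assumptions constructed for illustration.

```python
import re

# Fixed release named in the advisory: anything earlier is affected.
FIXED = (6, 5, 10)

def parse_version(text):
    """Return (major, minor, patch) or None. Trailing build numbers are ignored."""
    m = re.match(r"\s*(\d+)\.(\d+)\.(\d+)", text)
    return tuple(int(g) for g in m.groups()) if m else None

def in_scope(product, platform):
    """True for the product/platform pairs the advisory lists (labels are hypothetical)."""
    product, platform = product.lower(), platform.lower()
    if product == "vdi":
        return True  # advisory lists VDI Clients without naming a platform
    return product in {"workplace", "meeting-sdk"} and platform in {"windows", "linux"}

def triage(rows):
    """Classify rows as 'vulnerable', 'patched', 'unknown' or 'out-of-scope'."""
    results = []
    for host, product, platform, version in rows:
        if not in_scope(product, platform):
            status = "out-of-scope"
        else:
            parsed = parse_version(version)
            if parsed is None:
                status = "unknown"  # surface for manual review, never assume patched
            elif parsed < FIXED:    # numeric compare: as strings, "6.5.9" > "6.5.10"
                status = "vulnerable"
            else:
                status = "patched"
        results.append((host, status))
    return results

# Constructed sample inventory: (host, product, platform, reported version).
SAMPLE = [
    ("ws-01", "workplace", "windows", "6.5.9 (1234)"),
    ("ws-02", "workplace", "linux", "6.5.10.5678"),
    ("ws-03", "workplace", "macos", "6.4.0"),
    ("vdi-01", "vdi", "windows", "6.10.0"),
    ("app-01", "meeting-sdk", "linux", "unknown"),
    ("ws-04", "workplace", "windows", "6.5.2"),
]

if __name__ == "__main__":
    for host, status in triage(SAMPLE):
        print(f"{host}: {status}")
```

Rows reported as `unknown` need a manual version check before they are treated as remediated.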
Vulnerability Rating
Custom Algorithm
spread: 0.0
impact: 0.6
exploitability: 4.9
remediation: 7.7
relevance: 1.1
threat: 0.0
urgency: 2.9
incentive: 0.8
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.
