- Zoom warns that several versions of its Windows clients are vulnerable
- The security flaw can be used to fully take over target endpoints
- Zoom advises applying the fix immediately, so users should update now
Zoom has fixed a critical-severity vulnerability that could have allowed threat actors to escalate their privileges on the network.
The online collaboration tool found that its Windows application does not always use explicit full paths when loading dynamic-link libraries (DLLs). Instead, it relies on Windows' default search order, which means that if an attacker were able to place a malicious DLL in the right location, Zoom could load and execute it. It is similar to, though not identical with, a Bring Your Own Vulnerable Driver (BYOVD) attack.
So, if the DLL triggers the installation of persistent malware such as backdoors or ransomware, and if Zoom is running with elevated privileges, threat actors could, in theory, take over the entire endpoint.
In other scenarios, the vulnerability could be used to harvest sensitive files such as meeting recordings, contact lists, credentials and similar information. Attackers could also pivot deeper into the corporate network, reaching domain controllers or other high-value systems.
The worst part is that abusing this flaw requires no authentication and is described as low in complexity. All threat actors need is a path that the target system trusts; no advanced skills are required, just placing the malicious DLL in a strategic location.
The vulnerability, affecting the Windows client, is tracked as CVE-2025-49457 and has a severity score of 9.6/10 (critical).
The prevalence of Zoom in the business world, particularly since the COVID-19 pandemic, means the attack surface is quite large.
The affected products include Zoom Workplace before version 6.3.10, Zoom Workplace VDI for Windows before version 6.3.10 (except 6.1.16 and 6.2.12), Zoom Rooms for Windows before version 6.3.10, Zoom Rooms Controller for Windows before version 6.3.10 and Zoom Meeting SDK for Windows before version 6.3.10.
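As an added example (not code from Zoom or from this article), the following Python encodes the affected-version ranges listed above, including the VDI exceptions, so a software-inventory export can be triaged for hosts that still need the fix; the product-name spellings and the sample inventory are assumptions.

```python
"""Triage Zoom for Windows installs against the CVE-2025-49457 affected ranges."""
from typing import Iterable, List, Tuple

FIXED_VERSION = (6, 3, 10)  # first unaffected version for every listed product

# Product names as written in the advisory text; an inventory tool may spell
# them differently (assumption: the caller normalises names before calling).
AFFECTED_PRODUCTS = {
    "Zoom Workplace",
    "Zoom Workplace VDI for Windows",
    "Zoom Rooms for Windows",
    "Zoom Rooms Controller for Windows",
    "Zoom Meeting SDK for Windows",
}

# VDI builds explicitly excluded from the affected range.
VDI_EXCEPTIONS = {(6, 1, 16), (6, 2, 12)}


def parse_version(text: str) -> Tuple[int, int, int]:
    """Turn '6.3.10' or '6.3.10.12345' into a comparable (major, minor, patch).
    Only the first three components decide the range; build suffixes are ignored."""
    nums = []
    for part in text.strip().split(".")[:3]:
        if not part.isdigit():
            raise ValueError(f"bad version component {part!r} in {text!r}")
        nums.append(int(part))
    while len(nums) < 3:
        nums.append(0)
    return (nums[0], nums[1], nums[2])


def is_affected(product: str, version: str) -> bool:
    """True if this product/version pair falls inside an affected range."""
    if product not in AFFECTED_PRODUCTS:
        return False
    v = parse_version(version)
    if product == "Zoom Workplace VDI for Windows" and v in VDI_EXCEPTIONS:
        return False
    return v < FIXED_VERSION


def triage(inventory: Iterable[Tuple[str, str, str]]) -> List[Tuple[str, str, str]]:
    """Return the (host, product, version) entries that still need the fix."""
    return [(h, p, v) for h, p, v in inventory if is_affected(p, v)]


# Constructed sample inventory: hostnames and versions are made up.
SAMPLE_INVENTORY = [
    ("ws-01", "Zoom Workplace", "6.2.5"),
    ("ws-02", "Zoom Workplace", "6.3.10"),
    ("vdi-01", "Zoom Workplace VDI for Windows", "6.1.16"),
    ("vdi-02", "Zoom Workplace VDI for Windows", "6.1.15"),
    ("room-01", "Zoom Rooms for Windows", "6.4.0"),
]

if __name__ == "__main__":
    for entry in triage(SAMPLE_INVENTORY):
        print("needs update:", entry)
```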
A fix is already available, and users are advised to apply it as soon as possible.