CVE-2025-49457: 
Zoom Client vulnerability analysis and mitigation

CVE-2025-49457 is a critical security vulnerability discovered in Zoom Clients for Windows, disclosed on August 12, 2025. The flaw involves an untrusted search path that could allow an unauthenticated user to conduct privilege escalation via network access. The vulnerability affects multiple Zoom products including Zoom Workplace for Windows, Zoom Workplace VDI, Zoom Rooms, Zoom Rooms Controller, and Zoom Meeting SDK, all versions before 6.3.10. The vulnerability was reported by Zoom's own Offensive Security team and received a Critical CVSS score of 9.6 (Zoom Bulletin, Hacker News).

The vulnerability is classified as an untrusted search path issue (CWE-426). With a CVSS v3.1 base score of 9.6 (Critical), the vulnerability has the following vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H. This indicates that the vulnerability can be exploited over the network, requires low attack complexity, needs no privileges, but does require user interaction. The scope is changed, and the impact on confidentiality, integrity, and availability is high (Security Online, Security Affairs).

The vulnerability's exploitation could allow attackers to gain higher system privileges on devices running Zoom, enabling them to install malware, steal files, or control the system. Given Zoom's widespread use in corporate environments, successful exploitation could provide attackers with a pathway to move deeper into corporate networks, as many employees use Zoom on work devices connected to sensitive resources (Security Affairs).

Zoom has released security updates to address this vulnerability. Users are advised to immediately update their clients to version 6.3.10 or later through the official Zoom Download Center. For VDI environments, versions 6.1.16 and 6.2.12 also contain the fix (Zoom Bulletin, Hacker News).