CVE-2025-62483: 
Zoom Rooms vulnerability analysis and mitigation

CVE-2025-62483 is a vulnerability discovered in Zoom Clients before version 6.5.10, disclosed on November 13, 2025. The vulnerability affects multiple Zoom products including Zoom Workplace for Windows, macOS, and Linux, Zoom Rooms, and Zoom Meeting SDK. This security issue involves improper removal of sensitive information that could potentially expose data to unauthorized users through network access (Zoom Bulletin).

The vulnerability has been assigned a CVSS v3.1 base score of 5.3 (Medium severity) with a vector string of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N. This indicates that the vulnerability can be exploited over the network, requires low attack complexity, needs no privileges or user interaction, and can result in low-level information disclosure (Zoom Bulletin). The vulnerability is classified under CWE-212, which refers to Improper Removal of Sensitive Information Before Storage or Transfer (NVD).

The vulnerability allows an unauthenticated user to conduct a disclosure of information via network access. The impact is limited to information disclosure with no impact on system integrity or availability (Zoom Bulletin).

Users are advised to update to Zoom Client version 6.5.10 or later to mitigate this vulnerability. The fix is available through the official Zoom download page at https://zoom.us/download. For VDI clients, users should update to versions 6.3.14, 6.4.12, or 6.5.10 in their respective tracks (Zoom Bulletin).