Zoom Workplace for Windows on ARM – Missing Authorization

7.8 / 10

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Description

Missing authorization in the installer for Zoom Workplace for Windows on ARM before version 6.5.0 may allow an authenticated user to conduct an escalation of privilege via local access.

Basic Information

ID CVE-2025-49459

Source Zoom

Published Sep 9, 2025 at 21:29

Affected Product

Vendor Zoom Communications, Inc

Product Zoom Workplace for Windows on ARM

Affected Versions Zoom Communications, Inc Zoom Workplace for Windows on ARM 0

CWE Classification

CWE-862

References

www.zoom.com /en/trust/security-bulletin/ZSB-25032

{
    "lastseen": "",
    "description": "Missing authorization in the installer for Zoom Workplace for Windows on ARM before version 6.5.0 may allow an authenticated user to conduct an escalation of privilege via local access.",
    "published": "2025-09-09T21:29:33.168Z",
    "modified": "2025-09-09T21:29:33.168Z",
    "type": "cve",
    "title": "Zoom Workplace for Windows on ARM  - Missing Authorization",
    "source": "Zoom",
    "references": "https://www.zoom.com/en/trust/security-bulletin/ZSB-25032",
    "id": "CVE-2025-49459",
    "bulletinFamily": "",
    "cwe": [
        "CWE-862"
    ],
    "cvelist": null,
    "sourceData": "Zoom Communications, Inc Zoom Workplace for Windows on ARM 0",
    "sourceHref": "",
    "cvss": {
        "score": 7.8,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Zoom Workplace for Windows on ARM",
    "version": "0",
    "vendor": "Zoom Communications, Inc",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Zoom Workplace for Windows on ARM – Missing Authorization_CVE-2025-49459