Zoom Workplace VDI Plugin macOS Universal Installer – Symlink Following

6.6 / 10

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N

Description

Symlink following in the installer for the Zoom Workplace VDI Plugin macOS Universal installer before version 6.3.14, 6.4.14, and 6.5.10 in their respective tracks may allow an authenticated user to conduct a disclosure of information via network access.

Basic Information

ID CVE-2025-30662

Source Zoom

Published Nov 13, 2025 at 14:53

Modified Nov 13, 2025 at 15:38

Affected Product

Vendor Zoom Communications Inc.

Product Zoom Workplace VDI Plugin macOS Universal installer

Version see references

Affected Versions Zoom Communications Inc. Zoom Workplace VDI Plugin macOS Universal installer see references

CWE Classification

CWE-646

References

www.zoom.com /en/trust/security-bulletin/zsb-25045

{
    "lastseen": "",
    "description": "Symlink following in the installer for the Zoom Workplace VDI Plugin macOS Universal installer before version 6.3.14, 6.4.14, and 6.5.10 in their respective tracks may allow an authenticated user to conduct a disclosure of information via network access.",
    "published": "2025-11-13T14:53:09.801Z",
    "modified": "2025-11-13T15:38:36.778Z",
    "type": "cve",
    "title": "Zoom Workplace VDI Plugin macOS Universal Installer - Symlink Following",
    "source": "Zoom",
    "references": "https://www.zoom.com/en/trust/security-bulletin/zsb-25045",
    "id": "CVE-2025-30662",
    "bulletinFamily": "",
    "cwe": [
        "CWE-646"
    ],
    "cvelist": null,
    "sourceData": "Zoom Communications Inc. Zoom Workplace VDI Plugin macOS Universal installer see references",
    "sourceHref": "",
    "cvss": {
        "score": 6.6,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Zoom Workplace VDI Plugin macOS Universal installer",
    "version": "see references",
    "vendor": "Zoom Communications Inc.",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Zoom Workplace VDI Plugin macOS Universal Installer – Symlink Following_CVE-2025-30662