6.5
CVE-2025-30669
- EPSS 0.09%
- Veröffentlicht 13.11.2025 14:49:54
- Zuletzt bearbeitet 13.01.2026 20:50:57
- Quelle security@zoom.us
- CVE-Watchlists
- Unerledigt
Zoom Workplace Clients - Improper Certificate Validation
Improper certificate validation in certain Zoom Clients may allow an unauthenticated user to conduct a disclosure of information via adjacent access.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Zoom ≫ Meeting Software Development Kit SwPlatformlinux Version < 6.5.10
Zoom ≫ Meeting Software Development Kit SwPlatformwindows Version < 6.5.10
Zoom ≫ Workplace Desktop SwPlatformlinux Version < 6.5.10
Zoom ≫ Workplace Desktop SwPlatformwindows Version < 6.5.10
Zoom ≫ Workplace Virtual Desktop Infrastructure SwPlatformwindows Version < 6.3.14
Zoom ≫ Workplace Virtual Desktop Infrastructure SwPlatformwindows Version >= 6.4.10 < 6.4.12
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.09% | 0.254 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.5 | 2.8 | 3.6 |
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
| security@zoom.us | 4.8 | 1.2 | 3.6 |
CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
|
CWE-295 Improper Certificate Validation
The product does not validate, or incorrectly validates, a certificate.
https://www.zoom.com/en/trust/security-bulletin/zsb-25044