Zoom

Workplace Virtual Desktop Infrastructure

57 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2026-30905

Medienbericht
  • EPSS 0.12%
  • Veröffentlicht 13.05.2026 18:00:22
  • Zuletzt bearbeitet 03.06.2026 01:26:11

External Control of File Name or Path in the Zoom Workplace VDI Plugin Windows Universal Installer before version 6.6.11 may allow an authenticated user to conduct an escalation of privilege via local access.

9.8

CVE-2026-30903

Medienbericht
  • EPSS 0.33%
  • Veröffentlicht 11.03.2026 14:52:55
  • Zuletzt bearbeitet 14.05.2026 20:27:29

External Control of File Name or Path in the Mail feature of Zoom Workplace for Windows before 6.6.0 may allow an unauthenticated user to conduct an escalation of privilege via network access.

7.8

CVE-2026-30902

Medienbericht
  • EPSS 0.11%
  • Veröffentlicht 11.03.2026 14:50:51
  • Zuletzt bearbeitet 14.05.2026 20:28:46

Improper Privilege Management in certain Zoom Clients for Windows may allow an authenticated user to conduct an escalation of privilege via local access.

7.8

CVE-2026-30900

Medienbericht
  • EPSS 0.13%
  • Veröffentlicht 11.03.2026 14:44:36
  • Zuletzt bearbeitet 14.05.2026 21:06:34

Improper Check of minimum version in update functionality of certain Zoom Clients for Windows may allow an authenticated user to conduct an escalation of privilege via local access.

7.5

CVE-2025-62483

  • EPSS 0.24%
  • Veröffentlicht 13.11.2025 15:03:07
  • Zuletzt bearbeitet 13.01.2026 20:50:10

Improper removal of sensitive information in certain Zoom Clients before version 6.5.10 may allow an unauthenticated user to conduct a disclosure of information via network access.

6.5

CVE-2025-30662

  • EPSS 0.11%
  • Veröffentlicht 13.11.2025 14:53:09
  • Zuletzt bearbeitet 09.01.2026 22:10:55

Symlink following in the installer for the Zoom Workplace VDI Plugin macOS Universal installer before version 6.3.14, 6.4.14, and 6.5.10 in their respective tracks may allow an authenticated user to conduct a disclosure of information via network acc...

6.5

CVE-2025-30669

  • EPSS 0.09%
  • Veröffentlicht 13.11.2025 14:49:54
  • Zuletzt bearbeitet 13.01.2026 20:50:57

Improper certificate validation in certain Zoom Clients may allow an unauthenticated user to conduct a disclosure of information via adjacent access.

7.8

CVE-2025-64740

  • EPSS 0.1%
  • Veröffentlicht 13.11.2025 14:35:39
  • Zuletzt bearbeitet 13.01.2026 20:51:36

Improper verification of cryptographic signature in the installer for Zoom Workplace VDI Client for Windows may allow an authenticated user to conduct an escalation of privilege via local access.

7.5

CVE-2025-64739

  • EPSS 0.29%
  • Veröffentlicht 13.11.2025 14:28:58
  • Zuletzt bearbeitet 13.01.2026 20:46:49

External control of file name or path in certain Zoom Clients may allow an unauthenticated user to conduct a disclosure of information via network access.

6.5

CVE-2025-58132

  • EPSS 1.89%
  • Veröffentlicht 15.10.2025 16:10:20
  • Zuletzt bearbeitet 21.10.2025 19:32:07

Command injection in some Zoom Clients for Windows may allow an authenticated user to conduct a disclosure of information via network access.