Zoom has published details on vulnerabilities impacting its Workplace applications, with new patches addressing multiple security flaws. The most critical issues arise from improper authorization handling (CVE-2025-64741) and verification of cryptographic signatures (CVE-2025-64740), which could enable attackers to bypass access controls and accept tampered updates. As remote work continues, securing video conferencing tools is vital due to the rising threat landscape.
In addition to high-severity flaws, medium-severity vulnerabilities exist, including path manipulation risks (CVE-2025-64739 and CVE-2025-64738) within various Zoom clients. These issues could lead to data leakage or even arbitrary code execution when exploited alongside other vulnerabilities. The advisory emphasizes the crucial need for input sanitization and robust security measures in cross-platform applications. Moreover, a revised advisory addresses null pointer dereferences (CVE-2025-30670 and CVE-2025-30671), signifying ongoing stability concerns for Windows environments. Zoom continues to advocate for immediate updates and multi-factor authentication to mitigate risks across affected platforms.
👉 Pročitaj original: Cyber Security News
