CVE-2025-64740 | THREATINT

Description

Improper verification of cryptographic signature in the installer for Zoom Workplace VDI Client for Windows may allow an authenticated user to conduct an escalation of privilege via local access.

PUBLISHED Reserved 2025-11-10 | Published 2025-11-13 | Updated 2025-11-14 | Assigner Zoom

HIGH: 7.5CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H

Problem types

CWE-347 Improper Verification of Cryptographic Signature

Product status

Default status

unaffected

see references

affected

References

www.zoom.com/en/trust/security-bulletin/ZSB-25042

cve.org (CVE-2025-64740)

nvd.nist.gov (CVE-2025-64740)

Download JSON