CVE-2025-49459
HIGHZoom Workplace for Windows on ARM <6.5.0 - Privilege Escalation
Title source: llmDescription
Missing authorization in the installer for Zoom Workplace for Windows on ARM before version 6.5.0 may allow an authenticated user to conduct an escalation of privilege via local access.
References (1)
Core 1
Core References
Various Sources
https://www.zoom.com/en/trust/security-bulletin/ZSB-25032
Scores
CVSS v3
7.8
EPSS
0.0014
EPSS Percentile
3.9%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-862
Status
published
Products (1)
Zoom Communications, Inc/Zoom Workplace for Windows on ARM
< 6.6.0
Published
Sep 09, 2025
Tracked Since
Feb 18, 2026