MEDIUMπŸ‡΅πŸ‡± Wersja polska

CVE-2025-30662

CVSS 6.6v3.1pub. 2025-11-13upd. 2026-01-09

Symlink following in the installer for the Zoom Workplace VDI Plugin macOS Universal installer before version 6.3.14, 6.4.14, and 6.5.10 in their respective tracks may allow an authenticated user to conduct a disclosure of information via network access.

CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
  • Zoom Workplace Virtual Desktop Infrastructure

    APP
    Zoom
    < 6.3.146.4.0 – 6.4.14 (bez)6.5.0 – 6.5.10 (bez)
πŸ”΅
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2026-30903CRITICAL9.6PL βœ“ten sam produkt

Zoom Workplace dla Windows β€” privilege escalation przez kontrolΔ™ Ε›cieΕΌki pliku w funkcji Mail

CVE-2025-49457CRITICAL9.6PL βœ“ten sam produkt

Untrusted search path w klientach Zoom dla Windows — privilege escalation przez sieć

CVE-2026-30905HIGH7.8ten sam produkt

External Control of File Name or Path in the Zoom Workplace VDI Plugin Windows Universal Installer before vers...

CVE-2026-30900HIGH7.8ten sam produkt

Improper Check of minimum version in update functionality of certain Zoom Clients for Windows may allow an aut...

CVE-2026-30902HIGH7.8ten sam produkt

Improper Privilege Management in certain Zoom Clients for Windows may allow an authenticated user to conduct a...

CVE-2025-30662 β€” Zoom β€” Workplace Virtual Desktop Infrastructure β€” MEDIUM β€” CVSS 6.6 | CVEbaza.pl