MUST READ

Google addressed two Android flaws actively exploited in targeted attacks

 | 

U.S. CISA adds WhatsApp, and TP-link flaws to its Known Exploited Vulnerabilities catalog

 | 

Android droppers evolved into versatile tools to spread malware

 | 

Jaguar Land Rover shuts down systems after cyberattack, no evidence of customer data theft

 | 

Cloudflare blocked a record 11.5 Tbps DDoS attack

 | 

Palo Alto Networks disclose a data breach linked to Salesloft Drift incident

 | 

Von der Leyen’s plane hit by suspected Russian GPS Jamming in Bulgaria, landed Safely

 | 

Supply-chain attack hits Zscaler via Salesloft Drift, leaking customer info

 | 

Crooks exploit Meta malvertising to target Android users with Brokewell

 | 

North Korea’s APT37 deploys RokRAT in new phishing campaign against academics

 | 

Fraudster stole over $1.5 million from city of Baltimore

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 60

 | 

Security Affairs newsletter Round 539 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Amazon blocks APT29 campaign targeting Microsoft device code authentication

 | 

Lab Dookhtegan hacking group disrupts communications on dozens of Iranian ships

 | 

New zero-click exploit allegedly used to hack WhatsApp users

 | 

US and Dutch Police dismantle VerifTools fake ID marketplace

 | 

Experts warn of actively exploited FreePBX zero-day

 | 

Google: Salesloft Drift breach hits all integrations

 | 

Dutch intelligence warn that China-linked APT Salt Typhoon targeted local critical infrastructure

 | 

Zoom patches critical Windows flaw allowing privilege escalation

Pierluigi Paganini August 14, 2025

Zoom fixed a critical Windows client flaw (CVE-2025-49457, CVSS 9.6) involving an untrusted search path that could enable privilege escalation.

Cloud-based video conferencing and online collaboration platform Zoom addressed a critical security flaw, tracked as CVE-2025-49457 (CVSS score of 9.6) in Zoom Clients for Windows.

An unauthenticated user can exploit the vulnerability to conduct an escalation of privilege via network access.

“Untrusted search path in certain Zoom Clients for Windows may allow an unauthenticated user to conduct an escalation of privilege via network access.” reads the advisory published by the company.

The vulnerability impacts the following products:

  • Workplace for Windows before version 6.3.10
  • Workplace VDI for Windows before version 6.3.10 (except 6.1.16 and 6.2.12)
  • Rooms for Windows before version 6.3.10
  • Rooms Controller for Windows before version 6.3.10
  • Meeting SDK for Windows before version 6.3.10

Vulnerabilities in popular software like Zoom are dangerous because these platforms run on millions of personal and business devices worldwide and often hold sensitive conversations, corporate data, and meeting recordings.

When a flaw, like the CVE-2025-49457 privilege escalation bug, exists, threat actors can:

  • Gain higher system privileges on a device running Zoom, letting them install malware, steal files, or control the system.
  • Bypass security controls that normally limit what software can do.
  • Move deeper into corporate networks, since many employees use Zoom on work devices connected to sensitive resources.

Attackers target Zoom because its massive global user base makes it a high-value target, and its status as trusted software means malicious actions through it are less likely to raise suspicion. Additionally, Zoom can serve as an entry point into well-secured organizations that might otherwise have limited avenues for remote access.

In November 2024, Zoom addressed six vulnerabilities in its video conferencing and communication platform. Two of these vulnerabilities, tracked as CVE-2024-45421 and CVE-2024-45419, are high-severity issues that remote attackers could exploit to escalate privileges or leak sensitive information.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, privilege escalation)

Zoom

you might also like

Pierluigi Paganini September 03, 2025
Crooks turn HexStrike AI into a weapon for fresh vulnerabilities
Read more
Pierluigi Paganini September 03, 2025
Google addressed two Android flaws actively exploited in targeted attacks
Read more

leave a comment

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Crooks turn HexStrike AI into a weapon for fresh vulnerabilities

Cyber Crime / September 03, 2025

Google addressed two Android flaws actively exploited in targeted attacks

Security / September 03, 2025

U.S. CISA adds WhatsApp, and TP-link flaws to its Known Exploited Vulnerabilities catalog

Hacking / September 03, 2025

Android droppers evolved into versatile tools to spread malware

Malware / September 03, 2025

Jaguar Land Rover shuts down systems after cyberattack, no evidence of customer data theft

Hacking / September 03, 2025