MUST READ

Cloudflare mitigates largest-ever DDoS attack at 22.2 Tbps

 | 

U.S. CISA adds Google Chromium flaw to its Known Exploited Vulnerabilities catalog

 | 

US Secret Service dismantled covert communications network near the U.N. in New York

 | 

A suspected Scattered Spider member suspect detained for casino network attacks

 | 

$150K awarded for L1TF Reloaded exploit that bypasses cloud mitigations

 | 

Canada's RCMP closes TradeOgre, seizes $40M in country’s largest crypto bust

 | 

Stellantis probes data breach linked to third-party provider

 | 

FBI alerts public to spoofed IC3 site used in fraud schemes

 | 

EU agency ENISA says ransomware attack behind airport disruptions

 | 

Researchers expose MalTerminal, an LLM-enabled malware pioneer

 | 

Beware: GitHub repos distributing Atomic Infostealer on macOS

 | 

ESET uncovers Gamaredon–Turla collaboration in Ukraine cyberattacks

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 63

 | 

Security Affairs newsletter Round 542 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

A cyberattack on Collins Aerospace disrupted operations at major European airports

 | 

Fortra addressed a maximum severity flaw in GoAnywhere MFT software

 | 

UK police arrested two teen Scattered Spider members linked to the 2024 attack on Transport for London

 | 

ShadowLeak: Radware Uncovers Zero-Click Attack on ChatGPT

 | 

SonicWall warns customers to reset credentials after MySonicWall backups were exposed

 | 

CVE-2025-10585 is the sixth actively exploited Chrome zero-day patched by Google in 2025

 | 

Zoom patches critical Windows flaw allowing privilege escalation

Pierluigi Paganini August 14, 2025

Zoom fixed a critical Windows client flaw (CVE-2025-49457, CVSS 9.6) involving an untrusted search path that could enable privilege escalation.

Cloud-based video conferencing and online collaboration platform Zoom addressed a critical security flaw, tracked as CVE-2025-49457 (CVSS score of 9.6) in Zoom Clients for Windows.

An unauthenticated user can exploit the vulnerability to conduct an escalation of privilege via network access.

“Untrusted search path in certain Zoom Clients for Windows may allow an unauthenticated user to conduct an escalation of privilege via network access.” reads the advisory published by the company.

The vulnerability impacts the following products:

  • Workplace for Windows before version 6.3.10
  • Workplace VDI for Windows before version 6.3.10 (except 6.1.16 and 6.2.12)
  • Rooms for Windows before version 6.3.10
  • Rooms Controller for Windows before version 6.3.10
  • Meeting SDK for Windows before version 6.3.10

Vulnerabilities in popular software like Zoom are dangerous because these platforms run on millions of personal and business devices worldwide and often hold sensitive conversations, corporate data, and meeting recordings.

When a flaw, like the CVE-2025-49457 privilege escalation bug, exists, threat actors can:

  • Gain higher system privileges on a device running Zoom, letting them install malware, steal files, or control the system.
  • Bypass security controls that normally limit what software can do.
  • Move deeper into corporate networks, since many employees use Zoom on work devices connected to sensitive resources.

Attackers target Zoom because its massive global user base makes it a high-value target, and its status as trusted software means malicious actions through it are less likely to raise suspicion. Additionally, Zoom can serve as an entry point into well-secured organizations that might otherwise have limited avenues for remote access.

In November 2024, Zoom addressed six vulnerabilities in its video conferencing and communication platform. Two of these vulnerabilities, tracked as CVE-2024-45421 and CVE-2024-45419, are high-severity issues that remote attackers could exploit to escalate privileges or leak sensitive information.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, privilege escalation)

Zoom

you might also like

Pierluigi Paganini September 24, 2025
Cloudflare mitigates largest-ever DDoS attack at 22.2 Tbps
Read more
Pierluigi Paganini September 23, 2025
U.S. CISA adds Google Chromium flaw to its Known Exploited Vulnerabilities catalog
Read more

leave a comment

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Cloudflare mitigates largest-ever DDoS attack at 22.2 Tbps

Security / September 24, 2025

U.S. CISA adds Google Chromium flaw to its Known Exploited Vulnerabilities catalog

Security / September 23, 2025

US Secret Service dismantled covert communications network near the U.N. in New York

Intelligence / September 23, 2025

A suspected Scattered Spider member suspect detained for casino network attacks

Cyber Crime / September 23, 2025

$150K awarded for L1TF Reloaded exploit that bypasses cloud mitigations

Security / September 23, 2025