Severity by source
AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Lifecycle Timeline
6DescriptionCVE.org
Improper certificate validation in Zoom Workplace for Linux before version 6.4.13 may allow an unauthorized user to conduct an information disclosure via network access.
AnalysisAI
CVE-2025-46788 is an improper certificate validation vulnerability in Zoom Workplace for Linux versions before 6.4.13 that allows unauthenticated network-based attackers to conduct information disclosure attacks with high complexity requirements. The vulnerability enables unauthorized users to intercept or access sensitive information through network access by bypassing SSL/TLS certificate validation mechanisms. While the CVSS score is 7.4 (high), the attack complexity is high (AC:H), suggesting exploitation requires specific conditions; KEV status and active exploitation data are not currently available, warranting monitoring for disclosure.
Technical ContextAI
This vulnerability stems from improper implementation of certificate validation in Zoom Workplace for Linux, a client application that communicates over network protocols. The root cause is classified as CWE-295 (Improper Certificate Validation), which occurs when applications fail to properly verify X.509 certificates during TLS/SSL handshakes. Affected versions before 6.4.13 likely contain flawed certificate chain validation, hostname verification, or certificate pinning logic. The vulnerability manifests in the Linux client's network communication layer (CPE: cpe:2.3:a:zoom:zoom_workplace:*:*:*:*:*:linux:*:*), affecting the encryption and authentication protections of client-server communications. An attacker positioned on the network could leverage this to perform man-in-the-middle (MITM) attacks by presenting invalid or self-signed certificates that the vulnerable client accepts.
RemediationAI
Immediate action: Upgrade Zoom Workplace for Linux to version 6.4.13 or later. This is the patched version that remediates CWE-295 certificate validation flaws. For organizations unable to immediately patch: (1) Restrict Zoom Workplace for Linux client usage to trusted, controlled networks where MITM attacks are mitigated by network segmentation; (2) Deploy network-level TLS inspection and certificate pinning at the gateway level if possible; (3) Monitor for suspicious certificate validation warnings in Zoom client logs; (4) Disable Zoom Workplace for Linux temporarily in high-risk environments until patching is complete; (5) Implement endpoint detection and response (EDR) to identify MITM attack patterns. Check Zoom's official security advisories and release notes for patch availability confirmation and additional mitigation guidance. Verify patch deployment through version verification commands (zoom --version or similar) after updates.
More in Workplace Desktop
View allUntrusted search path in certain Zoom Clients for Windows may allow an unauthenticated user to conduct an escalation of
Buffer overflow in some Zoom Apps may allow an authenticated user to conduct an escalation of privilege via network acce
Buffer overflow in some Zoom Workplace Apps and Rooms Clients may allow an authenticated user to conduct an escalation o
Improper input validation in the installer for some Zoom Apps for Windows may allow an authenticated user to conduct a p
Improper input validation in some Zoom Apps before version 6.2.0 may allow an unauthenticated user to conduct a denial o
Improper input validation in some Zoom Apps may allow an unauthenticated user to conduct a disclosure of information via
Improper input validation in some Zoom Apps and SDKs may allow an authenticated user to conduct a denial of service via
Integrity check in the installer for some Zoom Workplace Apps and SDKs for Windows may allow an authenticated user to co
Race condition in Team Chat for some Zoom Workplace Apps and SDKs for Windows may allow an authenticated user to conduct
Incorrect privilege assignment in the installer for Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS and
Improper privilege management in the installer for Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS and
Buffer overflow in some Zoom Workplace Apps and SDK’s may allow an authenticated user to conduct a denial of service via
Same weakness CWE-295 – Improper Certificate Validation
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2025-21012