Skip to main content

Workplace Desktop CVE-2025-46788

| EUVDEUVD-2025-21012 HIGH
Improper Certificate Validation (CWE-295)
2025-07-10 security@zoom.us
7.4
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.4 HIGH
AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
None

Lifecycle Timeline

6
Analysis Updated
Apr 16, 2026 - 06:28 EUVD-patch-fix
executive_summary
Re-analysis Queued
Apr 16, 2026 - 05:29 backfill_euvd_patch
patch_released
Patch available
Apr 16, 2026 - 05:29 EUVD
6.4.13
EUVD ID Assigned
Mar 16, 2026 - 06:52 euvd
EUVD-2025-21012
Analysis Generated
Mar 16, 2026 - 06:52 vuln.today
CVE Published
Jul 10, 2025 - 16:15 nvd
HIGH 7.4

DescriptionCVE.org

Improper certificate validation in Zoom Workplace for Linux before version 6.4.13 may allow an unauthorized user to conduct an information disclosure via network access.

AnalysisAI

CVE-2025-46788 is an improper certificate validation vulnerability in Zoom Workplace for Linux versions before 6.4.13 that allows unauthenticated network-based attackers to conduct information disclosure attacks with high complexity requirements. The vulnerability enables unauthorized users to intercept or access sensitive information through network access by bypassing SSL/TLS certificate validation mechanisms. While the CVSS score is 7.4 (high), the attack complexity is high (AC:H), suggesting exploitation requires specific conditions; KEV status and active exploitation data are not currently available, warranting monitoring for disclosure.

Technical ContextAI

This vulnerability stems from improper implementation of certificate validation in Zoom Workplace for Linux, a client application that communicates over network protocols. The root cause is classified as CWE-295 (Improper Certificate Validation), which occurs when applications fail to properly verify X.509 certificates during TLS/SSL handshakes. Affected versions before 6.4.13 likely contain flawed certificate chain validation, hostname verification, or certificate pinning logic. The vulnerability manifests in the Linux client's network communication layer (CPE: cpe:2.3:a:zoom:zoom_workplace:*:*:*:*:*:linux:*:*), affecting the encryption and authentication protections of client-server communications. An attacker positioned on the network could leverage this to perform man-in-the-middle (MITM) attacks by presenting invalid or self-signed certificates that the vulnerable client accepts.

RemediationAI

Immediate action: Upgrade Zoom Workplace for Linux to version 6.4.13 or later. This is the patched version that remediates CWE-295 certificate validation flaws. For organizations unable to immediately patch: (1) Restrict Zoom Workplace for Linux client usage to trusted, controlled networks where MITM attacks are mitigated by network segmentation; (2) Deploy network-level TLS inspection and certificate pinning at the gateway level if possible; (3) Monitor for suspicious certificate validation warnings in Zoom client logs; (4) Disable Zoom Workplace for Linux temporarily in high-risk environments until patching is complete; (5) Implement endpoint detection and response (EDR) to identify MITM attack patterns. Check Zoom's official security advisories and release notes for patch availability confirmation and additional mitigation guidance. Verify patch deployment through version verification commands (zoom --version or similar) after updates.

CVE-2025-49457 CRITICAL
9.6 Aug 12

Untrusted search path in certain Zoom Clients for Windows may allow an unauthenticated user to conduct an escalation of

CVE-2024-45421 HIGH
8.5 Feb 25

Buffer overflow in some Zoom Apps may allow an authenticated user to conduct an escalation of privilege via network acce

CVE-2024-39825 HIGH
8.5 Aug 14

Buffer overflow in some Zoom Workplace Apps and Rooms Clients may allow an authenticated user to conduct an escalation o

CVE-2024-27240 HIGH
7.8 Jul 15

Improper input validation in the installer for some Zoom Apps for Windows may allow an authenticated user to conduct a p

CVE-2024-45422 HIGH
7.5 Nov 19

Improper input validation in some Zoom Apps before version 6.2.0 may allow an unauthenticated user to conduct a denial o

CVE-2024-45419 HIGH
7.5 Nov 19

Improper input validation in some Zoom Apps may allow an unauthenticated user to conduct a disclosure of information via

CVE-2024-27241 HIGH
7.5 Jul 15

Improper input validation in some Zoom Apps and SDKs may allow an authenticated user to conduct a denial of service via

CVE-2024-39819 HIGH
7.3 Jul 15

Integrity check in the installer for some Zoom Workplace Apps and SDKs for Windows may allow an authenticated user to co

CVE-2024-39826 MEDIUM
6.8 Jul 15

Race condition in Team Chat for some Zoom Workplace Apps and SDKs for Windows may allow an authenticated user to conduct

CVE-2024-42441 MEDIUM
6.7 Aug 14

Incorrect privilege assignment in the installer for Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS and

CVE-2024-42440 MEDIUM
6.7 Aug 14

Improper privilege management in the installer for Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS and

CVE-2024-27243 MEDIUM
6.5 May 15

Buffer overflow in some Zoom Workplace Apps and SDK’s may allow an authenticated user to conduct a denial of service via

Share

CVE-2025-46788 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy