Overview
A high-severity vulnerability, identified as CVE-2025-64741, has been discovered in Zoom Workplace for Android. It allows an unauthenticated attacker with network access to escalate privileges, potentially gaining unauthorized control within the application. Versions prior to 6.5.10 are affected.
Technical Details
CVE-2025-64741 stems from improper authorization handling within the Zoom Workplace application for Android. Specifically, the application fails to adequately verify the permissions of incoming network requests. This lack of proper authentication and authorization allows a malicious actor to craft network requests that bypass security checks and grant elevated privileges. While the exact attack vector will vary based on the impacted functionality, the common thread is a failure to properly validate the origin and legitimacy of network requests interacting with sensitive application components.
CVSS Analysis
- CVSS Score: 8.1 (HIGH)
- This score indicates a significant risk, reflecting the potential for unauthorized access and control.
Possible Impact
The exploitation of CVE-2025-64741 could lead to several severe consequences, including:
- Unauthorized Access to Sensitive Data: Attackers could gain access to confidential meeting recordings, chat logs, and user profiles.
- Account Takeover: An attacker might be able to take control of legitimate user accounts.
- Malicious Meeting Manipulation: Attackers could disrupt or manipulate ongoing meetings, inject malicious content, or eavesdrop on conversations.
- Data Exfiltration: Sensitive data stored within the Zoom Workplace application could be stolen.
Mitigation and Patch Steps
The most effective way to mitigate this vulnerability is to update Zoom Workplace for Android to version 6.5.10 or later. Users are strongly advised to update their applications immediately. To update:
- Open the Google Play Store on your Android device.
- Search for “Zoom Workplace”.
- If an update is available, tap the “Update” button.
Organizations should enforce updates on managed devices to ensure consistent protection against this vulnerability. Until updates can be applied, closely monitor network traffic for suspicious activity originating from or targeting Zoom Workplace applications.
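To support enforcing the update on managed devices, the following added example (not part of the original advisory and not Zoom's code) audits an app-inventory export for installs older than 6.5.10. The CSV column names, the sample rows and the package name us.zoom.videomeetings are assumptions to adapt to your MDM's export; versions are compared numerically because a plain string comparison ranks 6.5.9 above 6.5.10.

```python
import csv
import io
import re

FIXED_VERSION = (6, 5, 10)  # first fixed release named in the advisory
PACKAGE = "us.zoom.videomeetings"  # assumption: confirm against your inventory

# Constructed sample of an MDM app-inventory export (column names are assumed).
SAMPLE_INVENTORY = """\
device_id,package,version
dev-001,us.zoom.videomeetings,6.5.9
dev-002,us.zoom.videomeetings,6.5.10
dev-003,us.zoom.videomeetings,6.5.10.31200
dev-004,us.zoom.videomeetings,6.4.12
dev-005,com.example.other,1.0.0
dev-006,us.zoom.videomeetings,unknown
"""


def parse_version(text):
    """Return a tuple of ints for a dotted numeric version, else None."""
    text = text.strip()
    if not re.fullmatch(r"\d+(\.\d+)*", text):
        return None
    return tuple(int(part) for part in text.split("."))


def is_vulnerable(version_text):
    """True when the version is below 6.5.10 or cannot be parsed (fail closed)."""
    version = parse_version(version_text)
    if version is None:
        return True
    # Tuple comparison is numeric per component, so (6, 5, 9) < (6, 5, 10).
    return version < FIXED_VERSION


def audit(inventory_csv):
    """Return (device_id, version) for every device still needing the update."""
    findings = []
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        if row["package"] == PACKAGE and is_vulnerable(row["version"]):
            findings.append((row["device_id"], row["version"]))
    return findings


if __name__ == "__main__":
    for device_id, version in audit(SAMPLE_INVENTORY):
        print(f"{device_id}: Zoom Workplace {version} is below 6.5.10")
```

Devices whose version string cannot be parsed are reported rather than skipped, so an incomplete inventory record is not mistaken for a patched install.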