Overview
CVE-2025-30662 describes a medium severity vulnerability affecting the Zoom Workplace VDI Plugin macOS Universal installer. Specifically, a symlink following vulnerability exists in versions prior to 6.3.14, 6.4.14, and 6.5.10 of their respective tracks. This vulnerability could allow an authenticated local user to potentially conduct information disclosure via network access.
Technical Details
The vulnerability stems from the installer’s handling of symbolic links (symlinks). An authenticated user, with local access to the system, can potentially manipulate the installer process by creating malicious symlinks. These symlinks could point to sensitive files outside of the intended installation directory. When the installer attempts to access these files, it might inadvertently expose their contents, potentially including configuration files, logs, or other sensitive data, over the network. The Zoom Security Bulletin indicates this occurs specifically in the macOS Universal installer.
CVSS Analysis
The assigned CVSS score for CVE-2025-30662 is 6.6 (MEDIUM). This score takes into account several factors, including:
- Attack Vector (AV): Network (N)
- Attack Complexity (AC): Low (L)
- Privileges Required (PR): Low (L)
- User Interaction (UI): None (N)
- Scope (S): Unchanged (U)
- Confidentiality Impact (C): High (H)
- Integrity Impact (I): None (N)
- Availability Impact (A): None (N)
The Network attack vector indicates the vulnerability can be exploited remotely (within the local network). Low attack complexity means it is relatively easy to exploit. Low privileges required mean that even a standard user account can potentially exploit the vulnerability. The high confidentiality impact indicates that sensitive information could be disclosed, making this a significant security concern.
Possible Impact
Successful exploitation of CVE-2025-30662 could lead to:
- Information Disclosure: Sensitive data, such as configuration files, log files, or user data, could be exposed to unauthorized individuals.
- Lateral Movement: Gained information could be used to facilitate further attacks within the network.
- Compromised Systems: Depending on the nature of the disclosed information, systems could be further compromised.
Mitigation and Patch Steps
The recommended mitigation is to update the Zoom Workplace VDI Plugin macOS Universal installer to the latest version. Specifically, upgrade to version 6.3.14, 6.4.14, or 6.5.10, or any later version within their respective tracks.
- Visit the Zoom download center to download the latest version of the VDI plugin installer.
- Follow the installation instructions provided by Zoom.
- Verify that the installed version is 6.3.14, 6.4.14, or 6.5.10 or later.