CVE-2025-58134
📋 TL;DR
This CVE describes an incorrect authorization vulnerability in Zoom Workplace Clients for Windows that allows authenticated users to potentially modify data or settings via network access. The vulnerability affects integrity but not confidentiality or availability. Only Windows users running vulnerable Zoom Workplace Client versions are affected.
💻 Affected Systems
- Zoom Workplace Client
📦 What is this software?
Rooms by Zoom
⚠️ Risk & Real-World Impact
Worst Case
An authenticated attacker could modify user settings, meeting configurations, or potentially escalate privileges within the Zoom application context.
Likely Case
An authenticated user could alter their own or other users' Zoom settings, potentially disrupting meeting experiences or changing preferences.
If Mitigated
With proper network segmentation and least privilege access, impact would be limited to authorized users making legitimate changes within their permissions.
🎯 Exploit Status
Exploitation requires authenticated access and understanding of Zoom's authorization mechanisms. No public exploit details available.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Check Zoom advisory ZSB-25035 for patched versions
Vendor Advisory: https://www.zoom.com/en/trust/security-bulletin/ZSB-25035
Restart Required: No
Instructions:
1. Visit Zoom's security bulletin ZSB-25035.
2. Identify affected versions.
3. Update Zoom Workplace Client to the latest version.
4. Configure automatic updates if available.
🔧 Temporary Workarounds
Network Segmentation
Restrict network access to Zoom clients to trusted networks only
Least Privilege Access
Ensure users only have necessary permissions within Zoom
🧯 If You Can't Patch
- Implement strict network access controls to limit which systems can communicate with Zoom clients
- Monitor for unusual Zoom configuration changes or unauthorized access attempts
🔍 How to Verify
Check if Vulnerable:
Compare the installed Zoom client version against the affected versions listed in the ZSB-25035 advisory
Check Version:
In Zoom client: Click profile picture → Help → About Zoom
Verify Fix Applied:
Confirm the installed Zoom client version is at or above the patched version specified in ZSB-25035
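The version check above is done by hand in the client UI; on a fleet of Windows hosts an administrator would rather script it. The following is an added example, not Zoom's code or part of the advisory: it reads installed Zoom entries from the standard Windows Uninstall registry hives (machine-wide 64-bit, 32-bit, and per-user), falls back to the file version of the per-user Zoom.exe, and compares each against a patched version you must fill in from ZSB-25035. The `$PatchedVersion` value and the `%APPDATA%\Zoom\bin\Zoom.exe` path are assumptions; the bulletin, not this script, is authoritative for which versions are fixed.

```powershell
# Added example (not from Zoom or the advisory): list installed Zoom client
# versions on a Windows host and compare them with the patched version from ZSB-25035.

# PLACEHOLDER: set this from the ZSB-25035 bulletin, e.g. [version]'x.y.z'
# Leaving it $null lists versions without a PATCHED/VULNERABLE verdict.
$PatchedVersion = $null

# Uninstall hives covering machine-wide (64/32-bit) and per-user installs.
$hives = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
)

$found = foreach ($hive in $hives) {
    if (-not (Test-Path $hive)) { continue }
    Get-ChildItem $hive -ErrorAction SilentlyContinue |
        ForEach-Object { Get-ItemProperty $_.PSPath -ErrorAction SilentlyContinue } |
        Where-Object { $_.DisplayName -like 'Zoom*' -and $_.DisplayVersion } |
        ForEach-Object {
            [pscustomobject]@{ Name = $_.DisplayName; Version = $_.DisplayVersion; Source = $hive }
        }
}

# Fallback: per-user installs ship Zoom.exe under %APPDATA%\Zoom\bin (assumed path).
$exe = Join-Path $env:APPDATA 'Zoom\bin\Zoom.exe'
if (Test-Path $exe) {
    $fv = (Get-Item $exe).VersionInfo.ProductVersion
    $found += [pscustomobject]@{ Name = 'Zoom.exe (file version)'; Version = $fv; Source = $exe }
}

if (-not $found) {
    Write-Output 'No Zoom client found on this host.'
    return
}

foreach ($app in $found) {
    # Zoom version strings sometimes carry a build suffix such as "6.x.y (12345)";
    # keep only the dotted numeric prefix so [version] can parse it.
    $dotted = ($app.Version -replace '\s.*$', '')
    $parsed = $null
    if (-not [version]::TryParse($dotted, [ref]$parsed)) {
        $status = 'UNKNOWN (unparseable version string)'
    } elseif (-not $PatchedVersion) {
        $status = 'set $PatchedVersion from ZSB-25035 to get a verdict'
    } elseif ($parsed -ge $PatchedVersion) {
        $status = 'PATCHED'
    } else {
        $status = 'VULNERABLE (below patched version)'
    }
    Write-Output ('{0}: {1} [{2}] -> {3}' -f $app.Name, $app.Version, $app.Source, $status)
}
```

Run it in an elevated PowerShell session to read the HKLM hives; per-user Zoom installs appear under HKCU or via the Zoom.exe fallback, so a check run only as SYSTEM may miss clients installed in individual user profiles. A result of PATCHED means only that the version is at or above the value you entered; confirm that value against the bulletin before relying on the verdict.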
📡 Detection & Monitoring
Log Indicators:
- Unusual Zoom configuration changes
- Multiple failed authorization attempts
- Unexpected network connections to Zoom client
Network Indicators:
- Unusual traffic patterns to/from Zoom clients
- Authorization-related network errors
SIEM Query:
source="zoom" AND (event_type="configuration_change" OR event_type="authorization_failure")