CVE-2025-58135

5.3 MEDIUM

📋 TL;DR

This vulnerability in Zoom Workplace Clients for Windows allows unauthenticated attackers to access sensitive information through network connections. It affects Windows users running vulnerable versions of Zoom Workplace software. The issue stems from improper enforcement of security actions.

💻 Affected Systems

Products:
  • Zoom Workplace Client for Windows
Versions: Specific versions not detailed in advisory; check Zoom security bulletin for exact ranges
Operating Systems: Windows
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects Zoom Workplace clients, not other Zoom products. Requires network access to vulnerable system.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Unauthenticated remote attacker could access sensitive user data, meeting information, or system details from vulnerable Zoom clients.

🟠 Likely Case

Information disclosure of non-critical system or application data to network-adjacent attackers.

🟢 If Mitigated

Minimal impact with proper network segmentation and updated clients.

🌐 Internet-Facing: MEDIUM - Requires network access but unauthenticated exploitation is possible.
🏢 Internal Only: MEDIUM - Internal attackers could exploit this to gather information from vulnerable clients.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Exploitation requires network access to vulnerable client. No authentication needed per CVE description.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check Zoom security bulletin ZSB-25036 for specific patched versions

Vendor Advisory: https://www.zoom.com/en/trust/security-bulletin/ZSB-25036

Restart Required: No

Instructions:

1. Open Zoom Workplace client
2. Click profile icon
3. Select 'Check for Updates'
4. Install any available updates
5. Alternatively, download latest version from Zoom website

🔧 Temporary Workarounds

Network Segmentation

Restrict network access to Zoom clients to trusted networks only

Firewall Rules

Block unnecessary inbound connections to Zoom client ports

🧯 If You Can't Patch

  • Implement strict network segmentation to isolate Zoom clients
  • Use host-based firewalls to restrict inbound connections to Zoom processes

🔍 How to Verify

Check if Vulnerable:

Check Zoom client version against patched versions in Zoom security bulletin ZSB-25036

Check Version:

In Zoom client: Click profile icon → About → Check version number

Verify Fix Applied:

Verify Zoom client version is updated to patched version listed in advisory

📡 Detection & Monitoring

Log Indicators:

  • Unusual network connections to Zoom client process
  • Multiple failed authentication attempts followed by successful data access

Network Indicators:

  • Unexpected inbound connections to Zoom client ports
  • Unusual data exfiltration patterns from Zoom processes

SIEM Query:

process:zoom.exe AND network_inbound:true AND NOT src_ip IN [trusted_networks]
