CVE-2025-62483

5.3 MEDIUM

📋 TL;DR

This vulnerability in Zoom Clients allows an unauthenticated attacker with network access to obtain sensitive information, because data that should have been removed is not properly cleared (improper data removal). It affects Zoom Client users running versions before 6.5.10. The issue enables information disclosure without requiring authentication.

💻 Affected Systems

Products:
  • Zoom Client
Versions: All versions before 6.5.10
Operating Systems: Windows, macOS, Linux
Default Config Vulnerable: ⚠️ Yes
Notes: All standard installations of Zoom Client before the patched version are vulnerable. No special configuration required for exploitation.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers could access sensitive meeting data, chat history, or user information that should have been removed from the client, potentially exposing confidential business discussions or personal information.

🟠

Likely Case

Limited information disclosure of residual data that wasn't properly cleared from memory or storage, potentially revealing meeting topics, participant names, or timestamps.

🟢

If Mitigated

With proper network segmentation and access controls, the impact is limited to internal network access only, reducing exposure to external attackers.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

The vulnerability requires network access to the target system but no authentication. Exploitation likely involves network requests to improperly exposed endpoints.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 6.5.10

Vendor Advisory: https://www.zoom.com/en/trust/security-bulletin/zsb-25047

Restart Required: Yes

Instructions:

1. Open Zoom Client.
2. Click your profile picture.
3. Select 'Check for Updates'.
4. If an update to 6.5.10 is available, install it.
5. Restart Zoom Client after installation.

🔧 Temporary Workarounds

Network Segmentation

all

Restrict network access to Zoom Clients to trusted networks only

Firewall Rules

all

Block unnecessary inbound connections to Zoom Client ports

🧯 If You Can't Patch

  • Implement strict network access controls to limit who can reach Zoom Clients
  • Monitor network traffic for unusual access patterns to Zoom Client endpoints

🔍 How to Verify

Check if Vulnerable:

Check Zoom Client version in Settings > About Zoom. If version is below 6.5.10, the system is vulnerable.

Check Version:

On Windows: "C:\Program Files\Zoom\bin\Zoom.exe" --version
On macOS: /Applications/zoom.us.app/Contents/MacOS/zoom.us --version
On Linux: zoom --version

Verify Fix Applied:

Confirm Zoom Client version is 6.5.10 or higher in Settings > About Zoom.
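The version check above is easy to get wrong when done by hand or with a naive string comparison ("6.5.9" sorts after "6.5.10" as text). The script below is an added example, not part of this advisory or Zoom's tooling: it extracts the dotted version from whatever the client's --version command prints, compares it numerically against 6.5.10, and optionally runs the platform-specific command from the Check Version section. It assumes the command's output contains a dotted x.y.z version somewhere; the exact surrounding text is not known and is treated as free-form.

```python
import platform
import re
import subprocess

# First patched release per the advisory (CVE-2025-62483).
PATCHED = (6, 5, 10)

# Platform-specific version commands, taken from the advisory's Check Version section.
VERSION_COMMANDS = {
    "Windows": [r"C:\Program Files\Zoom\bin\Zoom.exe", "--version"],
    "Darwin": ["/Applications/zoom.us.app/Contents/MacOS/zoom.us", "--version"],
    "Linux": ["zoom", "--version"],
}


def parse_version(text):
    """Return the first dotted x.y.z version in `text` as a tuple of ints.

    Assumption: the client prints a dotted numeric version somewhere in its
    output; anything else (build numbers in parentheses, product name) is ignored.
    """
    match = re.search(r"(\d+)\.(\d+)\.(\d+)", text)
    if not match:
        raise ValueError(f"no x.y.z version found in: {text!r}")
    return tuple(int(part) for part in match.groups())


def is_vulnerable(version_text):
    """True if the version in `version_text` is below the patched release.

    Tuple comparison is numeric per component, so 6.5.9 < 6.5.10 holds,
    whereas the string comparison "6.5.9" < "6.5.10" is False.
    """
    return parse_version(version_text) < PATCHED


def check_installed_client():
    """Run the platform's version command and classify the installed client.

    Returns (version_tuple, vulnerable) or None if the client is not found
    or prints no recognisable version. Hypothetical helper for this example.
    """
    command = VERSION_COMMANDS.get(platform.system())
    if command is None:
        return None
    try:
        result = subprocess.run(command, capture_output=True, text=True, timeout=30)
    except (FileNotFoundError, subprocess.TimeoutExpired):
        return None
    output = result.stdout + result.stderr
    try:
        version = parse_version(output)
    except ValueError:
        return None
    return version, version < PATCHED


if __name__ == "__main__":
    # Constructed sample outputs, not real Zoom output, to show the comparison.
    for sample in ["6.5.9", "Zoom 6.5.10 (build 12345)", "6.4.12", "6.6.0"]:
        state = "VULNERABLE" if is_vulnerable(sample) else "patched"
        print(f"{sample!r}: {state}")
    found = check_installed_client()
    if found is None:
        print("installed client: not found or version not recognised")
    else:
        version, vulnerable = found
        print(f"installed client: {'.'.join(map(str, version))} "
              f"({'VULNERABLE' if vulnerable else 'patched'})")
```

Run it on each endpoint as part of a fleet inventory; a None result from check_installed_client means the client is absent or installed somewhere other than the advisory's default path, which should be treated as "unknown" rather than "patched".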

📡 Detection & Monitoring

Log Indicators:

  • Unusual network connections to Zoom Client ports
  • Multiple failed authentication attempts followed by successful data access

Network Indicators:

  • Unexpected inbound connections to Zoom Client default ports
  • Traffic patterns suggesting data exfiltration from Zoom processes

SIEM Query:

source="zoom" AND (event_type="connection" OR event_type="data_access") AND src_ip NOT IN [trusted_networks]
