CVE-2025-62484

HIGH 8.1

Zoom Workplace Clients - Inefficient Regular Expression Complexity

CVSS Score

8.1

EPSS Score

0.0%

EPSS Percentile

0th

Inefficient regular expression complexity in certain Zoom Workplace Clients before version 6.5.10 may allow an unauthenticated user to conduct an escalation of privilege via network access.

CWE	CWE-1333
Vendor	zoom communications inc.
Product	zoom workplace
Published	Nov 13, 2025
Last Updated	Feb 26, 2026

Stay Ahead of the Next One

Get instant alerts for zoom communications inc. zoom workplace

Be the first to know when new high vulnerabilities affecting zoom communications inc. zoom workplace are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

None

Affected Versions

Zoom Communications Inc. / Zoom Workplace

0 < 6.5.10

References

NVD ↗ CVE.org ↗ EPSS Data ↗

zoom.com: https://www.zoom.com/en/trust/security-bulletin/zsb-25048