CVE-2025-64741

HIGH 8.1

Zoom Workplace for Android - Improper Authorization Handling

CVSS Score

8.1

EPSS Score

0.0%

EPSS Percentile

0th

Improper authorization handling in Zoom Workplace for Android before version 6.5.10 may allow an unauthenticated user to conduct an escalation of privilege via network access.

CWE	CWE-74
Vendor	zoom communications inc.
Product	zoom workplace for android
Published	Nov 13, 2025
Last Updated	Feb 26, 2026

Stay Ahead of the Next One

Get instant alerts for zoom communications inc. zoom workplace for android

Be the first to know when new high vulnerabilities affecting zoom communications inc. zoom workplace for android are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

None

Affected Versions

Zoom Communications Inc. / Zoom Workplace for Android

0 < 6.5.10

References

NVD ↗ CVE.org ↗ EPSS Data ↗

zoom.com: https://www.zoom.com/en/trust/security-bulletin/zsb-25043