Zoom Rooms Flaws Allow Privilege Escalation and Data Leaks

Severity

High

Analysis Summary

Zoom has disclosed two critical security vulnerabilities in its Zoom Rooms software for Windows and macOS, impacting versions prior to 6.6.0. These flaws, tracked as ZSB-25050 and ZSB-25051, pose significant security risks in shared and enterprise environments such as boardrooms and huddle spaces. Organizations relying on Zoom Rooms for conference setups are particularly exposed to these issues, which could allow local attackers to escalate privileges or access sensitive information. Both vulnerabilities underline the importance of maintaining up-to-date collaboration software in hybrid work environments.

The first vulnerability, ZSB-25050, affects Zoom Rooms for Windows and stems from a failure in software downgrade protection. This high-severity flaw, reported by an anonymous researcher, enables unauthenticated local users to gain elevated privileges, potentially taking full control of the system. It carries a CVSS score of (High), with the vector indicating that local access is required but no user interaction is necessary for exploitation. Organizations running Windows versions of Zoom Rooms below 6.6.0 are urged to apply updates immediately to mitigate this risk.

The second vulnerability, ZSB-25051, affects Zoom Rooms for macOS and involves improper external control of file names or paths. This medium-risk issue can allow authenticated users to disclose sensitive information through local access and requires user interaction. With a CVSS score of (Medium), this vulnerability could compromise confidential data in enterprise deployments, emphasizing the need for careful management of file and path controls on macOS endpoints. Zoom recommends updating to version 6.6.0 or later to address this flaw and prevent potential data leakage.

Although no active exploitation has been reported, these vulnerabilities highlight ongoing security risks in collaboration tools, particularly as hybrid work environments increase reliance on shared devices. Enterprises should conduct audits of Zoom Rooms deployments, enforce least-privilege access, monitor for downgrade attempts, and ensure all systems are patched to the latest version. While CISA has not yet issued alerts, vulnerability trackers like NVD are expected to list these CVEs shortly, reinforcing the need for proactive mitigation measures.

Impact

  • Sensitive Data Theft
  • Privilege Escalation
  • Gain Access

Indicators of Compromise

CVE

  • CVE-2025-67460
  • CVE-2025-67461

Affected Vendors

Zoom

Remediation

  • Upgrade all Zoom Rooms installations (Windows and macOS) to version 6.6.0 or later immediately.
  • Ensure users on shared or enterprise devices have the minimum necessary privileges to reduce risk of local exploitation.
  • Review all Zoom Rooms devices in boardrooms, huddle spaces, and other shared environments for outdated versions.
  • On Windows systems, watch for attempts to downgrade Zoom Rooms software, which could bypass protections.
  • Limit local access to trusted personnel only, reducing the attack surface for privilege escalation or information disclosure.
  • Ensure file paths and names on macOS are properly controlled and monitored to prevent external manipulation.
  • Continuously track Zoom security updates and vulnerability advisories, ensuring timely application of patches.
  • Deploy security monitoring tools to detect suspicious activities related to Zoom Rooms usage and potential exploitation attempts.
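As an added audit helper (not code from Rewterz or Zoom), this script checks constructed inventory records against the 6.6.0 fix threshold and flags hosts whose reported version moved backwards, the downgrade signal the list above says to watch for. It assumes an existing inventory tool already supplies (host, OS, version) records in chronological order.

```python
"""Audit Zoom Rooms version records against the 6.6.0 fix threshold and
flag downgrade events. Added example; inventory data below is constructed."""

FIXED_VERSION = (6, 6, 0)   # first version containing both fixes (per advisory)


def parse_version(text: str) -> tuple:
    """Turn '6.5.2' or '6.6.0.1234' into a comparable tuple of ints.
    Non-digit characters inside a component (e.g. '0-beta') are dropped."""
    parts = []
    for piece in text.strip().split("."):
        digits = "".join(ch for ch in piece if ch.isdigit())
        if not digits:
            break
        parts.append(int(digits))
    if not parts:
        raise ValueError(f"unparseable version: {text!r}")
    while len(parts) < 3:          # pad so '6.6' compares equal to '6.6.0'
        parts.append(0)
    return tuple(parts)


def is_affected(version: str) -> bool:
    """True when the installed build predates 6.6.0 (ZSB-25050 / ZSB-25051)."""
    return parse_version(version)[:3] < FIXED_VERSION


def find_downgrades(observations):
    """Walk chronological (host, os, version) records and report every host
    whose reported version went backwards since its previous observation."""
    last, downgrades = {}, []
    for host, os_name, version in observations:
        current = parse_version(version)
        prev = last.get(host)
        if prev is not None and current < prev[0]:
            downgrades.append({"host": host, "os": os_name,
                               "from": prev[1], "to": version})
        last[host] = (current, version)
    return downgrades


# Constructed sample inventory, oldest observation first (not real data).
SAMPLE_OBSERVATIONS = [
    ("boardroom-01", "Windows", "6.5.3"),
    ("boardroom-01", "Windows", "6.6.0"),
    ("boardroom-01", "Windows", "6.4.10"),   # version went backwards
    ("huddle-07", "macOS", "6.6.0"),
    ("huddle-09", "macOS", "6.2.1"),
]


def audit(observations):
    """Return hosts still on a vulnerable build plus any downgrade events."""
    latest = {h: v for h, _, v in observations}          # last record wins
    outdated = sorted(h for h, v in latest.items() if is_affected(v))
    return {"outdated": outdated, "downgrades": find_downgrades(observations)}
```

Running `audit(SAMPLE_OBSERVATIONS)` on the constructed data reports boardroom-01 and huddle-09 as outdated and one downgrade on boardroom-01 (6.6.0 to 6.4.10).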