VDB
CVE-2025-64740
CVE-2025-64740
PUBLISHED
CVSS 7.5 HIGH
Improper verification of cryptographic signature in the installer for Zoom Workplace VDI Client for Windows may allow an authenticated user to conduct an escalation of privilege via local access.
EPSS 0.01% · 0.7th percentile
Risk Scores
CVSS 3.1
7.5
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H
EPSS Score
0.01%
0.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Zoom Communications Inc. | Zoom Workplace VDI Client | see references |
| zoom | workplace_virtual_desktop_infrastructure | 0, 6.4.10 |
Timeline
- Nov 11, 2025 PoC Published
- Nov 12, 2025 PoC Published
- Nov 13, 2025 CVE Published
- Nov 13, 2025 PoC Published
- Nov 14, 2025 EPSS Score
- Nov 19, 2025 EPSS Score
- Nov 24, 2025 EPSS Score
- Nov 29, 2025 EPSS Score
- Dec 4, 2025 EPSS Score
- Dec 9, 2025 EPSS Score
- Dec 14, 2025 EPSS Score
- Dec 19, 2025 EPSS Score