VDB

CVE-2025-64740

CVE-2025-64740 PUBLISHED CVSS 7.5 HIGH

Improper verification of cryptographic signature in the installer for Zoom Workplace VDI Client for Windows may allow an authenticated user to conduct an escalation of privilege via local access.

EPSS 0.01% · 0.7th percentile

Risk Scores

CVSS 3.1
7.5
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H
EPSS Score
0.01%
0.7th percentile

Affected Products

VendorProductVersions
Zoom Communications Inc.Zoom Workplace VDI Clientsee references
zoomworkplace_virtual_desktop_infrastructure0, 6.4.10

Timeline

  • Nov 11, 2025 PoC Published
  • Nov 12, 2025 PoC Published
  • Nov 13, 2025 CVE Published
  • Nov 13, 2025 PoC Published
  • Nov 14, 2025 EPSS Score
  • Nov 19, 2025 EPSS Score
  • Nov 24, 2025 EPSS Score
  • Nov 29, 2025 EPSS Score
  • Dec 4, 2025 EPSS Score
  • Dec 9, 2025 EPSS Score
  • Dec 14, 2025 EPSS Score
  • Dec 19, 2025 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›