CVE-2025-30662
Description
Symlink following in the installer for the Zoom Workplace VDI Plugin macOS Universal installer before version 6.3.14, 6.4.14, and 6.5.10 in their respective tracks may allow an authenticated user to conduct a disclosure of information via network access.
Risk Information
Base Score
6.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
EPSS Score
Exploitation Probability
0.024
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2025-30662 are fixed in Zoom for MAC 6.3.14 | Mac |
| Vulnerabilities CVE-2025-30662 are fixed in Zoom for MAC (Intel) (6.4.12.56699) | Mac |
| Vulnerabilities CVE-2025-30662 are fixed in Zoom for MAC (Apple Silicon) (6.4.12.56699) | Mac |
| Vulnerabilities CVE-2025-30662 are fixed in Zoom for MAC (Intel) (6.5.10.62715) | Mac |
| Vulnerabilities CVE-2025-30662 are fixed in Zoom for MAC (Apple Silicon) (6.5.10.62715) | Mac |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-612913 | Zoom IT for MAC (Intel) (6.6.11.70003) |
| PATCH-612912 | Zoom for MAC (Intel) (6.6.11.70003) |
| PATCH-612914 | Zoom for MAC (Apple Silicon) (6.6.11.70003) |
| PATCH-612912 | Zoom for MAC (Intel) (6.6.11.70003) |
| PATCH-612914 | Zoom for MAC (Apple Silicon) (6.6.11.70003) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234