A security vulnerability has been discovered in Zoom Workplace that could allow attackers to escalate their privileges on affected systems.
The flaw, rated with a CVSS score of 7.5, stems from improper verification of cryptographic signatures in the Zoom Workplace VDI Client installer.
Due to the severity of the potential risk if exploited, the company has issued a patch for users to fix the flaw.
Examining the Issue
The vulnerability in the Zoom Workplace VDI Client installer means the installer doesn’t verify whether installation files are legitimate before running them.
Although this is an issue in itself, the real problem occurs if systems are already breached. Attackers who already have local access to a system can exploit this flaw to escalate their privileges – from a regular user to an administrator. Once inside, they can access sensitive data or install malware that affects the entire organization.
Security researchers at Mandiant, a Google-owned threat intelligence firm, discovered and reported the issue to Zoom, which has since released a patch.
Organizations using Zoom Workplace VDI Client for Windows are at risk if they are running any version earlier than:
- Version 6.3.14
- Version 6.4.12
- Version 6.5.10
All previous versions in these tracks are affected. Since VDI environments are vital for remote work and secure computing, this vulnerability is especially concerning for enterprises relying on virtual desktops.
Although exploitation requires local access and user interaction, the severity of the flaw means Zoom Workplace users should update their VDI Client installations immediately from the official Zoom download center.
Keeping UC Systems Safe
Security researchers note that signature validation failures such as the one found in Zoom have historically led to supply chain compromises, where attackers inject malware into legitimate software distributions.
This is increasingly a risk for enterprises as UC systems become more deeply integrated with company file-sharing and cloud platforms.
Indeed, this recent warning follows a pattern of frequent Zoom updates throughout 2025, addressing over a dozen vulnerabilities since August.
With risks to UC systems rising, staying up to date with your company’s UC provider will be essential to keeping systems safe.
