CVE-2025-62484
Published: 13 November 2025
Summary
CVE-2025-62484 is a high-severity Inefficient Regular Expression Complexity (CWE-1333) vulnerability in Zoom Meeting Software Development Kit. Its CVSS base score is 8.1 (High).
Exploitation maps to the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). The CVE ranks at the 25.4th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-2 (Flaw Remediation) and RA-5 (Vulnerability Monitoring and Scanning).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
- SI-2 (Flaw Remediation): requires timely identification, reporting and correction of flaws. For this CVE that means deploying the fixed release, Zoom Workplace Clients 6.5.10 or later.
- SI-10 (Information Input Validation; control ID inferred from the description, the page itself names only SI-2 and RA-5): validates input reaching the Zoom client so that crafted data cannot drive the affected regular expression into excessive backtracking. Note that the attacker controls the subject string fed to the regex, not the pattern, so the useful checks are length and character-class limits on that field, not filtering of "regex patterns".
- RA-5 (Vulnerability Monitoring and Scanning): scans systems for vulnerable client versions so that installs affected by CVE-2025-62484 are found and remediation is prioritised.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The flaw is client-side, reached through crafted network input and requiring user interaction, which matches Exploitation for Client Execution (T1203); its stated outcome, escalation of privilege, maps to Exploitation for Privilege Escalation (T1068).
NVD Description
Inefficient regular expression complexity in certain Zoom Workplace Clients before version 6.5.10 may allow an unauthenticated user to conduct an escalation of privilege via network access.
Deeper analysis
CVE-2025-62484 is a high-severity vulnerability stemming from inefficient regular expression complexity (CWE-1333) in certain Zoom Workplace Clients prior to version 6.5.10. The flaw sits in the client software: crafted network input can drive a regular expression into excessive backtracking, the condition usually known as ReDoS (Regular Expression Denial of Service). Here, however, the published record frames the outcome as an escalation of privilege rather than as a denial of service.
An unauthenticated attacker (PR:N) with network access (AV:N) can trigger the flaw with low attack complexity (AC:L), but user interaction is required (UI:R), for example a user opening a malicious link or accepting a connection in a Zoom session. The published CVSS 3.1 vector records high confidentiality (C:H) and integrity (I:H) impact with no availability impact (A:N) and unchanged scope (S:U), which computes to a base score of 8.1. Two points matter for triage. First, A:N is unusual for a CWE-1333 issue, whose natural effect is resource exhaustion. Second, neither the NVD description nor the advisory text reproduced here explains how the regex inefficiency turns into elevated privileges, so the attacker's capability should be read from the C:H/I:H rating (access to sensitive data or alteration of client behaviour) without assuming a specific mechanism.
Zoom's security bulletin (ZSB-25048) advises updating affected Zoom Workplace Clients to version 6.5.10 or later as the primary mitigation, addressing the regex inefficiency to prevent exploitation.
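The two things a practitioner wants from a CWE-1333 finding are a way to tell whether a given regex actually exhibits super-linear backtracking and a hardened shape to replace it with. The block below is an added example written for this page; it is not Zoom's code, and the patterns, the attack string and the length limit are constructed to illustrate the class, not the regex behind CVE-2025-62484. It probes a pattern by timing a best-of-N match on a failing input at two lengths: a linear-time pattern gives a ratio near 1, a nested-quantifier pattern gives a ratio that grows roughly as 2 to the power of the length difference. It then shows the defensive pairing of an input-length cap with the linear equivalent of the same language.

```python
"""Probe a regex for catastrophic backtracking and show the hardened form.

Added example for this page (illustrative, not Zoom's code). The patterns,
the attack input and MAX_SUBJECT_LEN are constructed assumptions.
"""
import re
import time

# Both patterns accept exactly the same strings (one or more 'a'). The nested
# quantifier in the first lets a backtracking engine try every way of splitting
# the run of 'a's between the inner '+' and the outer '+' before it gives up.
NESTED_QUANTIFIER = re.compile(r"^(a+)+$")   # vulnerable shape (CWE-1333)
LINEAR_EQUIVALENT = re.compile(r"^a+$")      # hardened shape, same language

MAX_SUBJECT_LEN = 256  # assumed per-field limit; choose it from the protocol


def attack_input(n: int) -> str:
    """Constructed attacker-controlled subject: n 'a's plus a character that
    guarantees overall failure, forcing the engine through every split."""
    return "a" * n + "!"


def measure(pattern: re.Pattern, subject: str, repeat: int = 5) -> float:
    """Best-of-N wall-clock seconds for a single match attempt."""
    best = float("inf")
    for _ in range(repeat):
        start = time.perf_counter()
        pattern.match(subject)
        best = min(best, time.perf_counter() - start)
    return best


def growth_ratio(pattern: re.Pattern, small: int = 10, large: int = 16) -> float:
    """Slowdown when the failing input grows from `small` to `large` chars.
    Linear patterns stay near 1.0; exponential backtracking gives roughly
    2 ** (large - small), i.e. about 64 for the defaults."""
    t_small = measure(pattern, attack_input(small))
    t_large = measure(pattern, attack_input(large))
    return t_large / max(t_small, 1e-9)


def is_superlinear(pattern: re.Pattern, threshold: float = 8.0) -> bool:
    """Cheap audit check: flag a pattern whose cost grows far faster than its input.
    The threshold leaves headroom for timer noise on a linear pattern."""
    return growth_ratio(pattern) > threshold


def safe_match(subject: str) -> bool:
    """Defensive use: bound the input before any regex sees it, then match
    with the linear-time pattern. Both halves matter; the length cap alone
    only bounds the damage, the linear pattern removes the blow-up."""
    if len(subject) > MAX_SUBJECT_LEN:
        return False
    return LINEAR_EQUIVALENT.match(subject) is not None


if __name__ == "__main__":
    for name, pat in (("nested", NESTED_QUANTIFIER), ("linear", LINEAR_EQUIVALENT)):
        print(f"{name:7s} growth x{growth_ratio(pat):8.1f}  superlinear={is_superlinear(pat)}")
    print("safe_match('aaaa')        ->", safe_match("aaaa"))
    print("safe_match(attack_input) ->", safe_match(attack_input(20)))
    print("safe_match(oversize)     ->", safe_match("a" * (MAX_SUBJECT_LEN + 1)))
```

The timing probe is deliberately crude: it catches the common nested-quantifier and overlapping-alternation shapes on a failing input, but a pattern can be safe on this attack string and still blow up on another, so use it as a smoke test alongside a static review of every quantifier that can match the same characters as its neighbour. Where the regex engine supports it, a match timeout is the backstop; Python's standard `re` module has none, which is why the length cap sits in front of the match.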
Details
- CWE(s)