Cyber Resilience

CVE-2025-64741

High

Published: 13 November 2025

Published
13 November 2025
Modified
14 November 2025
KEV Added
Patch
CVSS Score v3.1 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
EPSS Score 0.0010 27.4th percentile
Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-64741 is a high-severity Injection (CWE-74) vulnerability in Zoom Workplace (inferred from references). Its CVSS base score is 8.1 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 27.4th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2025-64741 involves improper authorization handling (CWE-74) in Zoom Workplace for Android versions before 6.5.10. This vulnerability enables an unauthenticated user to conduct an escalation of privilege via network access. It carries a CVSS v3.1 base score of 8.1 (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N) and was published on 2025-11-13T15:15:54.110.

An unauthenticated attacker can exploit this vulnerability over the network with low attack complexity, requiring some user interaction but no prior privileges. Successful exploitation allows escalation of privilege, resulting in high impacts to confidentiality and integrity, though availability remains unaffected and the scope is unchanged.

Zoom's security bulletin at https://www.zoom.com/en/trust/security-bulletin/zsb-25043 provides details on the vulnerability. Mitigation requires updating to Zoom Workplace for Android version 6.5.10 or later.

EU & UK References

Vulnerability details

Improper authorization handling in Zoom Workplace for Android before version 6.5.10 may allow an unauthenticated user to conduct an escalation of privilege via network access.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

The vulnerability explicitly enables escalation of privilege through exploitation of improper authorization, directly mapping to T1068: Exploitation for Privilege Escalation.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-25586Shared CWE-74
CVE-2026-30932Shared CWE-74
CVE-2024-39604Shared CWE-74
CVE-2025-20337Shared CWE-74
CVE-2026-42334Shared CWE-74
CVE-2025-67733Shared CWE-74
CVE-2026-25520Shared CWE-74
CVE-2026-2469Shared CWE-74
CVE-2026-22200Shared CWE-74
CVE-2025-64428Shared CWE-74

Affected Assets

Zoom
Workplace
inferred from references and description; NVD did not file a CPE for this CVE

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Requires enforcement of approved authorizations for logical access, directly countering the improper authorization handling that enables privilege escalation in Zoom Workplace for Android.

prevent

Mandates identification, reporting, and correction of system flaws, ensuring timely patching of this vulnerability fixed in version 6.5.10.

prevent

Employs least privilege to restrict unnecessary access, limiting the impact of privilege escalation even if authorization is bypassed.

References