CVE-2025-64739: CWE-73: External Control of File Name or Path in Zoom Communications Inc. Zoom Clients
External control of file name or path in certain Zoom Clients may allow an unauthenticated user to conduct a disclosure of information via network access.
AI Analysis
Technical Summary
CVE-2025-64739 is a vulnerability classified under CWE-73 (External Control of File Name or Path) affecting Zoom Communications Inc.'s Zoom Clients. The flaw allows an unauthenticated remote attacker to influence file names or paths used by the application, potentially leading to unauthorized disclosure of information over the network. Specifically, the vulnerability arises when the Zoom Client improperly handles externally supplied input that controls file path parameters, enabling attackers to access sensitive files or data that should otherwise be protected. The vulnerability does not require any privileges or prior authentication but does require user interaction, such as clicking a malicious link or opening a crafted Zoom message. The CVSS v3.1 base score is 4.3, indicating medium severity, with the vector AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N, meaning network attack vector, low attack complexity, no privileges required, user interaction required, unchanged scope, and only confidentiality impact. No known exploits have been reported in the wild as of the publication date. The affected versions are not explicitly listed but are referenced in vendor advisories. The vulnerability could allow attackers to disclose sensitive information from the victim's system by manipulating file paths used by Zoom Clients, potentially exposing private meeting data or user files. This type of vulnerability is critical to address in communication platforms due to their widespread use and access to sensitive information.
Potential Impact
For European organizations, this vulnerability poses a risk of unauthorized information disclosure, which can compromise confidentiality of sensitive communications, internal documents, or user data transmitted or stored via Zoom Clients. Sectors such as government, finance, healthcare, and critical infrastructure that rely heavily on Zoom for secure communications may face increased risk of data leakage. Although the vulnerability does not affect system integrity or availability, the exposure of confidential information can lead to reputational damage, regulatory penalties under GDPR, and potential exploitation by threat actors for espionage or targeted attacks. The requirement for user interaction reduces the likelihood of mass exploitation but targeted phishing campaigns could leverage this vulnerability effectively. Organizations with remote or hybrid workforces using Zoom extensively are particularly vulnerable. The lack of known exploits currently provides a window for proactive mitigation before active attacks emerge.
Mitigation Recommendations
1. Apply official patches or updates from Zoom as soon as they become available to remediate the vulnerability.
2. Until patches are released, restrict network access to Zoom Clients by implementing firewall rules that limit communication to trusted Zoom servers only.
3. Educate users to be cautious of unsolicited Zoom meeting links or messages that could trigger the vulnerability, emphasizing the risk of interacting with unknown or suspicious content.
4. Monitor network traffic and Zoom client logs for unusual file path requests or access patterns indicative of exploitation attempts.
5. Employ endpoint security solutions capable of detecting anomalous file access or path manipulation behaviors.
6. Consider deploying application whitelisting or sandboxing techniques to limit the Zoom Client’s ability to access arbitrary file paths.
7. Coordinate with IT and security teams to integrate Zoom client vulnerability management into broader patch management and incident response processes.
8. Review and enforce least privilege principles for user accounts to minimize potential impact if exploitation occurs.
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Belgium, Sweden
Technical Details
- Data Version: 5.2
- Assigner Short Name: Zoom
- Date Reserved: 2025-11-10T19:56:35.266Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 6915ee5ff690f81e3c76b575
Added to database: 11/13/2025, 2:42:39 PM
Last enriched: 11/13/2025, 2:57:45 PM
Last updated: 11/14/2025, 5:20:29 AM
Related Threats
- CVE-2025-13161: CWE-23 Relative Path Traversal in IQ Service International IQ-Support (High)
- CVE-2025-13160: CWE-497 Exposure of Sensitive System Information to an Unauthorized Control Sphere in IQ Service International IQ-Support (Medium)
- CVE-2025-9479: Out of bounds read in Google Chrome (Unknown)
- CVE-2025-13107: Inappropriate implementation in Google Chrome (Unknown)
- CVE-2025-13102: Inappropriate implementation in Google Chrome (Unknown)