CVE-2025-67460: CWE-693: Protection Mechanism Failure in Zoom Communications Inc. Zoom Rooms
Protection Mechanism Failure of Software Downgrade in Zoom Rooms for Windows before 6.6.0 may allow an unauthenticated user to conduct an escalation of privilege via local access.
AI Analysis (machine-generated threat intelligence)
Technical Summary
CVE-2025-67460 is a vulnerability classified under CWE-693 (Protection Mechanism Failure) affecting Zoom Rooms for Windows versions prior to 6.6.0. The issue stems from a failure of the software downgrade protection, which allows an attacker with local access to perform an escalation-of-privilege attack. The vendor description refers to an unauthenticated user, while the CVSS vector requires low privileges (PR:L); in practice the precondition is local access to the device with limited privileges. Essentially, the vulnerability enables bypassing the security controls intended to prevent the installation or execution of older, potentially vulnerable software versions. By exploiting this flaw, an attacker can downgrade Zoom Rooms software components to a less secure version and thereby gain elevated privileges on the affected system.

The CVSS v3.1 base score of 7.8 reflects high severity: attack vector local (AV:L), low attack complexity (AC:L), low privileges required (PR:L), no user interaction (UI:N), unchanged scope (S:U), and high impact on confidentiality, integrity, and availability (C:H/I:H/A:H). The vulnerability requires neither network access nor user interaction, but it does require local access, which rules out direct remote exploitation while still posing a significant risk in environments where local access controls are weak or compromised.

No public exploits or patches are currently available, but the vendor has acknowledged the issue and reserved the CVE. The vulnerability affects organizations using Zoom Rooms on Windows, particularly in environments where local users may attempt privilege escalation to gain unauthorized control.
Potential Impact
The impact of CVE-2025-67460 is substantial for organizations relying on Zoom Rooms for Windows, especially in corporate, educational, and government environments where Zoom Rooms are deployed for meetings and collaboration. Successful exploitation allows an attacker with local access and limited privileges to escalate their privileges, potentially gaining administrative control over the system. This can lead to unauthorized access to sensitive meeting data, manipulation or disruption of Zoom Rooms functionality, and broader compromise of the host system. The high impact on confidentiality, integrity, and availability means attackers could exfiltrate confidential information, alter meeting content or configurations, and disrupt service availability. Although remote exploitation is not feasible, insider threats or attackers who gain local access through other means (e.g., physical access, compromised credentials) can leverage this vulnerability. This elevates risk in environments with shared workstations or insufficient endpoint security controls. The absence of known exploits in the wild reduces immediate risk but does not eliminate the threat, especially as attackers may develop exploits once patches are released or if the vulnerability becomes widely known.
Mitigation Recommendations
To mitigate CVE-2025-67460, organizations should take the following specific actions:

1) Upgrade Zoom Rooms for Windows to version 6.6.0 or later as soon as the patch is released by the vendor to address the downgrade protection failure.
2) Implement strict local access controls to limit who can log in or execute software on Zoom Rooms devices, including enforcing least privilege principles and using endpoint protection solutions.
3) Monitor and audit local user activities on Zoom Rooms systems to detect any unauthorized attempts to downgrade software or escalate privileges.
4) Employ application whitelisting to prevent execution of unauthorized or older versions of Zoom Rooms components.
5) Use system integrity monitoring tools to detect changes to Zoom Rooms software versions or configurations.
6) Educate users and administrators about the risks of local privilege escalation and enforce physical security controls to prevent unauthorized physical access to Zoom Rooms devices.
7) Coordinate with IT and security teams to integrate Zoom Rooms vulnerability management into broader patch management and incident response processes.

These measures go beyond generic advice by focusing on controlling local access vectors and monitoring for downgrade attempts specific to this vulnerability.
Affected Countries
United States, Canada, United Kingdom, Germany, Australia, Japan, South Korea, France, Netherlands, Singapore
Technical Details
- Data Version: 5.2
- Assigner Short Name: Zoom
- Date Reserved: 2025-12-08T13:59:49.274Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 6939dceba97935729e774094
Added to database: 12/10/2025, 8:49:47 PM
Last enriched: 2/27/2026, 6:58:10 AM
Last updated: 3/26/2026, 5:16:16 AM