cbcvebase.
CVE-2025-67460
published 2025-12-10

CVE-2025-67460: Protection Mechanism Failure of Software Downgrade in Zoom Rooms for Windows before 6.6.0 may allow an unauthenticated user to conduct an escalation of…

PriorityP343high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
EPSS
0.14%
3.4th percentile
Protection Mechanism Failure of Software Downgrade in Zoom Rooms for Windows before 6.6.0 may allow an unauthenticated user to conduct an escalation of privilege via local access.

Affected

2 ranges
VendorProductVersion rangeFixed in
zoomrooms< 6.6.06.6.0
zoom_communications_inczoom_rooms< 6.6.06.6.0
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.