CVE Daily

CVE-2025-46788

Improper certificate validation in Zoom Workplace for Linux before version 6.4.1...

High CVSS 7.4

Overview

Improper certificate validation in Zoom Workplace for Linux before version 6.4.13 may allow an unauthorized user to conduct an information disclosure via network access.

CWE: CWE-295 Published: 2025-07-10T16:15:24.050
Risk analysis

This vulnerability is rated 🟠 HIGH.

  • CVSS: 7.4 (HIGH)
  • Detected tags: crypto, info_leak, unauth_access (tag impact: HIGH)

Recommended actions:

  • Drop weak ciphers/protocols; prefer modern, safe defaults.
  • Reduce verbose errors, remove debug endpoints, minimize PII in logs.
  • Enforce authentication/authorization; reduce default endpoint exposure.

Recommended tools

Tags