CERT-In Highlights Zoom Security Flaws That Could Let Hackers Access Meeting, Sensitive Information

CERT-In has advised Zoom users on Windows, macOS, Android, iOS, and iPadOS to download the latest update with security fixes.

Advertisement
Written by Dhruv Raghav, Edited by David Delima | Updated: 17 October 2025 15:35 IST
Highlights
  • Zoom has addressed the vulnerabilities and released a patch
  • CERT-In said that the flaws exist due to improper input sanitisation
  • Zoom's older version failed to properly validate user IDs

Zoom released to updates on October 14 to fix the issue

Photo Credit: Zoom

The Indian Computer Emergency Response Team (CERT-In) has published a vulnerability note alerting Zoom users that multiple security flaws have been detected on certain versions of the video conferencing platform. The vulnerability exists across operating systems like Windows, macOS, iOS, and Android. By exploiting the flaw, hackers can gain unauthorised access to Zoom Rooms, remotely execute malicious commands, exit meetings, reveal information not meant to be shared, and access configuration data. The issue has since been resolved in a recently rolled out update, and users are urged to update to the latest version.

Multiple Security Flaws Spotted in Certain Versions of Zoom

In its latest vulnerability note CIVN-2025-0261, CERT-In warns Zoom users about multiple vulnerabilities with a "medium" severity rating. The security flaws were found in the Zoom for Windows, macOS, Android, and iOS versions 6.5.1. The vulnerabilities can be exploited by threat actors, allowing them to gain unauthorised access to meetings and configuration data. Moreover, the same can be misused by bad actors to disclose sensitive information and execute arbitrary commands, like running scripts.

Advertisement

CERT-In highlighted that the vulnerability affects both individuals and organisations using the video conferencing software, compromising the security of the ongoing and future meetings.

However, the company has already patched the vulnerabilities in an update rolled out on October 14. CERT-In advises people using the above-mentioned versions of the app to update to the latest available version of Zoom on their device. This will help them protect themselves against cyberattacks, which compromise their personal data and sensitive organisational information like trade secrets.

Advertisement

Zoom said that the authentication bypass issue allowed unauthenticated users to disclose information via network access. On the other hand, the command injection flaw in Zoom Clients for Windows allowed authenticated users to disclose information after gaining network access.

The security vulnerabilities seem to exist due to improper input sanitisation and inadequate session validation, CERT-In said. This means that these particular Zoom versions do not validate the user ID of the person joining Zoom Rooms. Moreover, the video conferencing platform has been unable to adequately filter and transform the input data provided by users before it is fed into the system.

 

Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.

Advertisement
Popular Mobile Brands
  1. Apple Back to School Sale: Grab These Deals on MacBook, iPad Models
  2. Rise of the Ronin, Dying Light and More Join PS Plus Game Catalogue in July
  3. OnePlus Phones Will Soon Run on ColorOS 17 Instead of OxygenOS
  1. iPad Mini With OLED Screen to Reportedly Launch in October as Apple Prepares Base iPad, iPad Air Refreshes
  2. Google Rebrands NotebookLM as Gemini Notebook; Brings Cloud Computing and Search Integration
  3. Samsung Music Studio 5, Music Studio 7 Wi-Fi Speakers Launched in India
  4. Ostium Suspends Trading Following Oracle Security Incident Drains Millions
  5. Oppo’s New A Series, Upcoming OnePlus Mid-Range Smartphones Tipped to Launch With 10,000mAh Batteries
  6. WhatsApp Reportedly Rolls Out Mic Mode Controls for iPhone Calls
  7. Former Rockstar Games Developer Explains Why GTA 6 Maker Launches Games on PC After Consoles
  8. Samsung Galaxy Tab S12 Ultra CAD Renders Leaked Online; Reveals Familiar Look
  9. Apple Back to School Sale Now Live in India, Bringing Offers on MacBook Air, iPad Pro and More
  10. Realme Could Replace Realme UI With ColorOS 17 in India: Report
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2026. All rights reserved.