Improper Enforcement of a Single, Unique Action

CVE-2025-58135

Medium

5.3/10

Summary

Improper action enforcement in certain Zoom Workplace Clients for Windows may allow an unauthenticated user to conduct a disclosure of information via network access.

Attack Complexity: HIGH
Attack Vector: NETWORK
Integrity Impact: NONE
Scope: UNCHANGED
User Interaction: REQUIRED
Privileges Required: NONE
Confidentiality Impact: HIGH
Availability Impact: NONE

CWE-837 - Improper Enforcement of a Single, Unique Action

The software requires that an actor should only be able to perform an action once, or to have only one unique action, but the software does not enforce or improperly enforces this restriction.

References

Advisory Timeline

Published Sep 09, 2025

Improper Enforcement of a Single, Unique Action

CVE-2025-58135

Summary

CWE-837 - Improper Enforcement of a Single, Unique Action

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS