Zoom and Xerox Release Critical Security Updates Fixing Privilege Escalation and RCE Flaws
Zoom and Xerox have both released critical security updates to address serious vulnerabilities, including privilege escalation and remote code execution (RCE) flaws. These flaws could allow attackers to gain unauthorized access and execute malicious code remotely.
Zoom Vulnerabilities and CVE-2025-49457
Zoom’s update addresses a privilege escalation vulnerability tracked as CVE-2025-49457. This flaw could have allowed attackers to elevate their user privileges, potentially compromising the system and gaining access to sensitive data or modifying system settings without authorization.
Xerox Vulnerabilities
Xerox’s update focuses on fixing an RCE vulnerability in its software, which could have enabled attackers to execute arbitrary code on affected devices, potentially taking full control of the system.
Why It Matters
Both vulnerabilities pose significant risks, including unauthorized access, data breaches, and system compromise. It is crucial that users apply these patches immediately to secure their systems from potential exploitation. By releasing these updates, Zoom and Xerox have acted swiftly to protect users from these critical flaws. Users should ensure their software is up to date to defend against these evolving cyber threats.
