Zoom and Xerox Patch Critical Security Flaws Allowing Remote Attacks

If you’re running Zoom on Windows or using Xerox FreeFlow Core in your organization, it’s time to update fast. Both companies have released patches this week to fix critical flaws that could allow attackers to take control of systems, escalate privileges, and, in some cases, execute code remotely. 

Two of the three bugs are rated critical (CVSS 9.6 and 9.8), and the third is high. Exploited, they would let attackers get a foothold deep inside corporate networks, steal data, or disrupt business.

Zoom fixes privilege escalation flaw

Zoom has patched a critical vulnerability in its Windows clients, tracked as CVE-2025-49457 with a CVSS score of 9.6 out of 10. The bug is an untrusted search path (CWE-426): the application looks for a component it needs in a location an attacker can influence, so the attacker can plant a malicious file (typically a DLL) that gets loaded and run in place of the legitimate one. The fix is in version 6.3.10 and later of each affected client.

According to Zoom's own security team, which discovered the issue, an unauthenticated user could conduct an escalation of privilege via network access. In practice that means someone with no credentials for the client, but able to influence where it searches (for example via a network path), could get their code executed with the client's privileges on the victim machine.

The affected products are Zoom Workplace for Windows, Zoom Workplace VDI for Windows, Zoom Rooms for Windows, Zoom Rooms Controller for Windows, and Zoom Meeting SDK for Windows.

Xerox FreeFlow Core hit with multiple vulnerabilities

At the same time, Xerox addressed a pair of vulnerabilities in FreeFlow Core, its workflow automation software used in print production. Security researchers at Horizon3.ai, who reported the bugs, say they are not only severe but also easy to exploit.

  • CVE-2025-8355 (CVSS 7.5): An XML External Entity (XXE) injection bug that enables server-side request forgery (SSRF). The server parses the XML in print-job messages with external entity resolution enabled, so an attacker-supplied DOCTYPE can make it fetch arbitrary URLs or local files and reach internal services it should never talk to.

  • CVE-2025-8356 (CVSS 9.8): A path traversal vulnerability that attackers can leverage for remote code execution. A crafted upload command carries a file name containing "../" sequences, and the server joins it onto its upload directory without canonicalising or checking the result, so the file is written wherever the attacker points it.

Researchers explained that CVE-2025-8356 can be weaponized to install a web shell, a small piece of attacker-controlled server-side code that grants remote command execution. Even though the port that accepts the upload does not itself serve files back, the product's web portals running on the same host will execute a file dropped into their web root, which is all the attacker needs to host and trigger the payload.
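To make the two bug classes above concrete, here is an added example (not Xerox's or Horizon3.ai's code, and not FreeFlow Core's implementation) that shows a hardened job-message parser and the vulnerable upload-path logic beside its fixed form. The JMF-style message shapes, the upload root directory and the attacker file names are all constructed for illustration; real FreeFlow Core traffic and paths differ.

```python
"""Illustrative handling of the two bug classes patched in FreeFlow Core 8.0.4:
XXE-driven SSRF in XML job messages and path traversal in upload handling.
Generic example code; message shapes, upload root and attacker paths are made up."""
import os
import re
from typing import List, Optional
from xml.etree import ElementTree as ET

# Constructed JMF-style messages (hypothetical; real JMF is much richer).
SAFE_MSG = '<?xml version="1.0"?><JMF><Command Type="SubmitQueueEntry"/></JMF>'
XXE_MSG = (
    '<?xml version="1.0"?>'
    '<!DOCTYPE JMF [<!ENTITY xxe SYSTEM "file:///etc/passwd">'
    '<!ENTITY % dtd SYSTEM "http://169.254.169.254/latest/meta-data/">%dtd;]>'
    '<JMF><Command Type="SubmitQueueEntry">&xxe;</Command></JMF>'
)

_DTD_RE = re.compile(r"<!(?:DOCTYPE|ENTITY)\b", re.IGNORECASE)
_EXTERNAL_ENTITY_RE = re.compile(
    r'<!ENTITY\s+%?\s*\w+\s+(?:SYSTEM\s+["\']([^"\']+)["\']'
    r'|PUBLIC\s+["\'][^"\']*["\']\s+["\']([^"\']+)["\'])',
    re.IGNORECASE,
)


def external_entity_targets(xml_text: str) -> List[str]:
    """Return the URIs a DTD-processing parser would have fetched, i.e. the SSRF
    or local-file-read targets. Handy for triaging captured job messages."""
    return [m.group(1) or m.group(2) for m in _EXTERNAL_ENTITY_RE.finditer(xml_text)]


def parse_job_message(xml_text: str) -> ET.Element:
    """Hardened parse: a job message never legitimately needs a DTD, so reject any
    DOCTYPE/ENTITY declaration before the parser sees it. Refusing the DTD outright
    also stops entity-expansion DoS, which a resolver flag alone would not."""
    if _DTD_RE.search(xml_text):
        raise ValueError("DTD or entity declaration in job message; rejected")
    return ET.fromstring(xml_text)


def job_message_is_safe(xml_text: str) -> bool:
    try:
        parse_job_message(xml_text)
        return True
    except (ValueError, ET.ParseError):
        return False


# Assumed upload root for the example; not the product's real directory.
UPLOAD_ROOT = "/srv/print-intake/uploads"


def vulnerable_save_path(filename: str) -> str:
    """The flaw class behind CVE-2025-8356: the client-supplied name is joined onto
    the upload directory with no canonicalisation or containment check, so a name
    like '../../var/www/shell.jsp' lands wherever the attacker points it."""
    return os.path.join(UPLOAD_ROOT, filename)


def hardened_save_path(filename: str) -> Optional[str]:
    """Canonicalise, then require the result to stay inside UPLOAD_ROOT.
    Returns the safe absolute path, or None if the name would escape."""
    # A server on Windows treats '\\' as a separator even though os.path on POSIX
    # does not, so normalise it first rather than trusting os.path alone.
    normalised = filename.replace("\\", "/")
    root = os.path.realpath(UPLOAD_ROOT)
    candidate = os.path.realpath(os.path.join(root, normalised))
    if os.path.commonpath([root, candidate]) != root:
        return None
    if candidate == root:  # empty name or "." resolves to the directory itself
        return None
    return candidate


if __name__ == "__main__":
    print("SSRF targets in XXE_MSG:", external_entity_targets(XXE_MSG))
    print("safe message accepted:", job_message_is_safe(SAFE_MSG))
    print("xxe message accepted:", job_message_is_safe(XXE_MSG))
    print("vulnerable:", vulnerable_save_path("../../var/www/shell.jsp"))
    print("hardened:", hardened_save_path("../../var/www/shell.jsp"))
    print("hardened ok:", hardened_save_path("job-42.pdf"))
```

The containment check compares canonical paths rather than searching the name for "../", because encoded, doubled or backslash separators slip past string filters but not past realpath. Rejecting the DTD wholesale is the same reasoning applied to XML: the job format does not need one, so there is nothing to lose by refusing it.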

Xerox has patched both flaws in FreeFlow Core version 8.0.4. Organizations running older versions should upgrade without delay, and anything that exposes the job-submission or web-portal ports beyond the print network deserves a review of who can reach it.

Why it matters for businesses

Privilege escalation and remote code execution vulnerabilities aren’t just technical issues; they’re an open door for full-on cyberattacks. An attacker with admin privileges could disable defenses, move laterally across the network, or exfiltrate sensitive data.

Given how widely Zoom and Xerox products are deployed in the enterprise, the exposure is broad, especially in industries like healthcare, finance, and government, where both are part of daily operations.

The timing also highlights a bigger trend: even well-established vendors keep finding serious flaws in mature products, which is why patching needs to be backed by layered defenses and continuous monitoring rather than treated as the whole answer.

Both Zoom and Xerox moved quickly to address these vulnerabilities, but the ball is now in the court of end users and IT teams. Until the updates are installed, affected systems remain exposed. The moral of the story: don't delay software patches; today's minor annoyance can save you from tomorrow's breach.
