PT-2026-60293 · Zoom · Zoom Workplace+1
CVE-2026-53412
·
Published
2026-07-14
·
Updated
2026-07-16
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Zoom Workplace for Windows versions prior to 7.0.0
Zoom Workplace VDI Client for Windows versions prior to 7.0.10
Zoom Workplace VDI Client for Windows versions prior to 6.6.15
Zoom Workplace VDI Client for Windows versions prior to 6.5.18
Zoom Meeting SDK for Windows versions prior to 7.0.0
Description
Improper input validation in the Windows desktop client, VDI client, and Meeting SDK may allow an unauthenticated attacker with network access to conduct an account takeover. This issue enables the hijacking of user accounts without requiring credentials from the attacker.
Recommendations
Update Zoom Workplace for Windows to version 7.0.0 or later.
Update Zoom Workplace VDI Client for Windows to version 7.0.10, 6.6.15, or 6.5.18, depending on the supported release branch.
Update Zoom Meeting SDK for Windows to version 7.0.0 or later.
Fix
LPE
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Zoom Workplace
Zoom