PT-2026-60293 · Zoom · Zoom Workplace+1

CVE-2026-53412

·

Published

2026-07-14

·

Updated

2026-07-16

CVSS v3.1

9.8

Critical

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Zoom Workplace for Windows versions prior to 7.0.0 Zoom Workplace VDI Client for Windows versions prior to 7.0.10 Zoom Workplace VDI Client for Windows versions prior to 6.6.15 Zoom Workplace VDI Client for Windows versions prior to 6.5.18 Zoom Meeting SDK for Windows versions prior to 7.0.0
Description Improper input validation in the Windows desktop client, VDI client, and Meeting SDK may allow an unauthenticated attacker with network access to conduct an account takeover. This issue enables the hijacking of user accounts without requiring credentials from the attacker.
Recommendations Update Zoom Workplace for Windows to version 7.0.0 or later. Update Zoom Workplace VDI Client for Windows to version 7.0.10, 6.6.15, or 6.5.18, depending on the supported release branch. Update Zoom Meeting SDK for Windows to version 7.0.0 or later.

Fix

LPE

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-53412

Affected Products

Zoom Workplace
Zoom