Video conferencing software: Zoom Node possible entry point for malware attacks

Zoom Node servers are vulnerable, and attackers can execute malicious code. To prevent system compromise, administrators must install the available security patch.

Critical Vulnerability

Via Zoom Node, administrators for companies host Zoom workloads such as meetings and video calls. In a warning message, the developers state that the now-closed security vulnerability (CVE-2026-22844) is classified with a threat level of “critical.”

The vulnerability specifically affects the Multimedia Routers (MMRs) component. For an attack to succeed, an attacker must be a participant in a meeting. If this is the case, they can execute malicious code through an unspecified method.

The warning message provides no indication that attackers are already exploiting the vulnerability. However, administrators should not delay patching and should install one of the secured versions promptly. All previous versions are said to be vulnerable.

• Zoom Node Meetings Hybrid (ZMH) MMR module 5.2.1716.0
• Zoom Node Meeting Connector (MC) MMR module 5.2.1716.0

(des)