Zoom: Video conferencing software allows attackers to escalate privileges

Several security vulnerabilities have been discovered in Zoom's videoconferencing software. Some are considered critical and, among other things, allow attackers from the network to escalate their privileges. Updates are available.

A vulnerability affects the mail function of Zoom Workplace for Windows, which allows attackers from the network to escalate their privileges without prior authentication due to external control of a file name or path (CVE-2026-30903, CVSS 9.6, Risk “critical”). Insufficient privilege management in some Zoom clients for Windows allows authenticated users to escalate their local access privileges (CVE-2026-30902, CVSS 7.8, Risk “high”). The same can happen due to insufficient checking for a minimum version in the update function in Zoom clients for Windows (CVE-2026-30900, CVSS 7.8, Risk “high”).

Zoom: Four security vulnerabilities, high-risk to critical

A fourth security vulnerability allows authenticated attackers with local access to escalate privileges due to insufficient checking in Zoom Rooms for Windows in kiosk mode (CVE-2026-30901, CVSS 7.0, Risk “high”). Zoom does not provide more precise details about the vulnerabilities.

The developers have corrected the security-relevant errors in the versions Zoom Workplace for Windows 6.6.11, Zoom Workplace VDI Client for Windows 6.4.17, 6.5.15 and 6.6.10, Zoom Meeting SDK for Windows 6.6.11, and Zoom Rooms for Windows 6.6.5 and newer. The latest versions can be found in the download portal on the Zoom website. However, calling winget upgrade --all at the command prompt should also find, download, and install the available Zoom updates (and others) in Windows.

At the end of January, Zoom developers had to close security vulnerabilities in Zoom Node servers. Attackers could have used these as a starting point for malware attacks.

(dmk)