CVE-2026-53406

Published: Jun 12, 2026Modified: Jun 12, 2026

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: security@zoom.us (Secondary)

Description

Insufficient Verification of Data Authenticity in Remote Control for Zoom Contact Center for Windows before version 7.0.0 may allow an authenticated user to enable an escalation of privilege via local access.

Related CWEs

CWE-345

Insufficient Verification of Data Authenticity

The product does not sufficiently verify the origin or authenticity of data, in a way that causes it to accept invalid data.

References (1)

https://www.zoom.com/en/trust/security-bulletin/zsb-26009

Source: security@zoom.us

Timeline

No history available yet.