Skip to main content

Zoom Workplace CVE-2026-53412

| EUVDEUVD-2026-45048 CRITICAL
Improper Input Validation (CWE-20)
2026-07-16 Zoom GHSA-xq34-4qgv-ggmc
9.8
CVSS 3.1 · Vendor: Zoom
Share

Severity by source

Vendor (Zoom) PRIMARY
9.8 CRITICAL
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
vuln.today AI
9.1 CRITICAL

Unauthenticated remote low-complexity account takeover gives C:H/I:H and PR:N/UI:N; A set to N since account takeover impacts confidentiality and integrity, not availability as described.

3.1 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
4.0 AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

Primary rating from Vendor (Zoom).

CVSS VectorVendor: Zoom

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

3
Patch available
Jul 16, 2026 - 23:03 EUVD
Analysis Generated
Jul 16, 2026 - 22:00 vuln.today
CVE Published
Jul 16, 2026 - 21:15 cve.org
CRITICAL 9.8

DescriptionCVE.org

Improper Input Validation in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows may allow an unauthenticated user to conduct an account takeover via network access.

AnalysisAI

Account takeover in Zoom's Windows client family - the Zoom Desktop Client, Zoom VDI Client, and Zoom Meeting SDK for Windows - lets a remote, unauthenticated attacker seize control of a victim's account by sending crafted input over the network, per Zoom's security bulletin ZSB-26014. The flaw stems from improper input validation (CWE-20) and carries a vendor CVSS of 9.8, reflecting full confidentiality, integrity, and availability impact with no privileges or user interaction. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Reach target Zoom Windows client
Delivery
Send crafted malformed input
Exploit
Bypass input validation (CWE-20)
Execution
Manipulate authentication/session state
Impact
Take over victim account

Vulnerability AssessmentAI

Exploitation Per the CVSS vector (AV:N/AC:L/PR:N/UI:N), exploitation requires no authentication and no user interaction - an unauthenticated attacker with network access to a Windows Zoom Desktop Client, VDI Client, or an application built on the Zoom Meeting SDK for Windows can trigger it. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, score 9.8) signals a worst-case profile: remote, low-complexity, unauthenticated, no user interaction, with full triad impact - precisely the pattern that warrants urgent remediation. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario A remote attacker sends specially crafted, malformed input to a targeted Zoom Windows client or an application embedding the Meeting SDK, abusing the missing input validation to manipulate authentication or session handling and take over the associated account without any credentials or user interaction. Given AV:N/AC:L, the attacker needs only network reachability to the client and no local access. …
Remediation Apply the update referenced in Zoom's advisory - Patch available per vendor advisory (ZSB-26014, https://www.zoom.com/en/trust/security-bulletin/zsb-26014); the input data does not include an exact fixed version number, so consult the bulletin for the specific patched build and upgrade the Zoom Desktop Client, VDI Client, and Meeting SDK for Windows to it. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours, identify all Windows Zoom users in your organization and alert them to monitor for unauthorized account access or suspicious meeting activity, then enable detailed logging on all Zoom accounts to capture potential compromise attempts. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-53412 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy