Zoom warns of critical account takeover vulnerability
AI Generated Image

Zoom warns of critical account takeover vulnerability

BleepingComputer technology

Key Points:

  • Zoom has disclosed a critical vulnerability (CVE-2026-53412) in its Windows desktop client and SDK that could allow unauthenticated attackers to hijack user accounts, with a severity score of 9.8 out of 10.
  • The flaw affects Zoom Workplace for Windows versions before 7.0.0, Windows VDI Client versions before 7.0.10, 6.6.15, and 6.5.18, and the Meeting SDK for Windows before version 7.0.0.
  • The vulnerability stems from improper input validation and could enable account takeover via network access without authentication, according to Zoom's advisory.
  • Zoom urges users to update to the latest versions to mitigate this and several other high-severity privilege escalation vulnerabilities fixed in recent patches.
  • There are currently no reports of these vulnerabilities being exploited in the wild.

Trending Business

Trending Technology

Trending Health