Critical Security Advisory: Zoom Patches Multiple Privilege Escalation and Information Disclosure Vulnerabilities

A newly disclosed set of vulnerabilities within the Zoom software ecosystem has prompted an urgent security advisory. These flaws, ranging from high-severity privilege escalation to lower-risk information disclosure, could allow authenticated attackers to gain unauthorized control over Windows-based systems or compromise user privacy on iOS devices.

In response, Zoom has released critical patches to mitigate these risks across its Windows and iOS applications.

The primary concern for enterprise environments lies in the ability of an attacker to execute a Privilege Escalation (PE) attack. In such a scenario, a user with limited, standard permissions can exploit architectural weaknesses to gain administrative or “SYSTEM” level access, effectively bypassing the operating system’s security boundaries.

Critical Flaws in Zoom Rooms and Workplace for Windows

The most significant threats target Windows-based deployments, specifically focusing on installer vulnerabilities that can be weaponized by local actors.

1. Zoom Rooms for Windows (CVE-2026-30906)
Tracked as CVE-2026-30906, this high-severity vulnerability holds a CVSS base score of 7.8. The root cause is an Untrusted Search Path flaw within the software’s installer. If an attacker has already established a foothold on a machine with standard user privileges, they can manipulate the search order to execute malicious code with elevated permissions. This is a common technique used by threat actors to disable endpoint detection and response (EDR) tools or deploy ransomware deep within a corporate network. This vulnerability affects all versions of Zoom Rooms for Windows prior to version 7.0.0.

2. Zoom Workplace VDI Plugin (CVE-2026-30905)
Discovered by security researcher “sim0nsecurity,” CVE-2026-30905 also carries a CVSS score of 7.8. This flaw stems from the external control of a file name or path within the Windows Universal Installer. By manipulating these paths, a local authenticated user can trigger unauthorized code execution. This specifically impacts the Zoom Workplace VDI Plugin (version 6.6.10); users must migrate to version 6.6.11 or newer to remediate the risk.

iOS Privacy Concerns: Information Disclosure

While the Windows vulnerabilities pose a direct threat to system integrity, mobile users face a different, albeit lower-impact, risk. CVE-2026-30904, reported by researcher “errorsec_,” involves a protection mechanism failure within the Zoom Workplace app for iOS.

With a CVSS score of 1.8, the technical risk is classified as low because an attacker requires physical access to the unlocked iOS device to exploit the flaw. However, the vulnerability could lead to unauthorized information disclosure, representing a significant privacy concern for users handling sensitive data on mobile devices. This affects all iOS app versions older than 7.0.0.

CVE ID Affected Product Vulnerability Vector Severity CVSS Score
CVE-2026-30906 Zoom Rooms (Windows) Untrusted Search Path High 7.8
CVE-2026-30905 Zoom Workplace VDI (Windows) Path/Filename Manipulation High 7.8
CVE-2026-30904 Zoom Workplace (iOS) Protection Mechanism Failure Low 1.8

Remediation and Best Practices

Privilege escalation vulnerabilities are “force multipliers” for attackers, allowing them to move laterally from a single compromised workstation to the broader enterprise network. To mitigate these risks, IT administrators and end-users should take the following steps immediately:

  • Update Zoom Rooms: Ensure all Windows-based Zoom Rooms are updated to version 7.0.0 or higher.
  • Patch VDI Plugins: Update the Zoom Workplace VDI Plugin to version 6.6.11 or later.
  • Update iOS Applications: Deploy the latest Zoom Workplace update via the Apple App Store to all mobile devices.
  • Verify Integrity: For enterprise environments, use centralized management tools to audit software versions across the fleet.

To ensure you are downloading authentic and secure software, always use the official Zoom Download Center.

Related Articles

Back to top button