Critical Vulnerability in Zoom Products
16 July 2026
Attackers can exploit a critical-severity vulnerability in Zoom to conduct an account takeover via network access. Users and administrators of affected products are advised to apply the latest security updates immediately
Background
Security updates have been released to address a critical vulnerability (CVE-2026-53412) affecting the Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and the Zoom Meeting SDK for Windows.
This vulnerability has a Common Vulnerability Scoring System (CVSS v3.1) score of 9.8 out of 10.
Impact
Successful exploitation of the input validation vulnerability could allow an unauthenticated remote attacker to conduct an account takeover via network access.
Affected Products
The following products are affected:
Zoom Workplace for Windows before version 7.0.0
Zoom Workplace VDI Client for Windows before version 7.0.10 and 6.6.15 and 6.5.18 in their respective branches
Recommendations
Users and administrators of affected products are advised to update to the latest versions immediately.
References
