CVE-2026-53408 HIGH

CVE-2026-53408

Vendor Zoom Communications
Product Zoom Workplace
Weakness CWE-939
Published June 12, 2026
Last update June 16, 2026

CVSS base score

8.1/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

What the vulnerability does

01Description

Improper Authorization in Handler for Custom URL Scheme in Zoom Workplace before version 7.0.4 for Android and before 7.0.3 for iOS may allow an unauthenticated user to conduct an escalation of privilege via network access.

Key dates

02Disclosure timeline

June 12, 2026 CVE published
June 16, 2026 Record updated