CVE-2026-53407
HighCVSS 8.1Exploitation Probability (EPSS)
Low risk14th percentile - higher than 14% of all known CVEs
Summary
Improper Authorization in Handler for Custom URL Scheme in Zoom Workplace before version 7.0.4 for Android and before 7.0.3 for iOS may allow an unauthenticated user to conduct an escalation of privilege via network access.
Risk Assessment
The risk involves an attacker potentially gaining elevated privileges within the application without authentication, which could lead to unauthorized access to sensitive data or functions.
Recommendation
Immediately update Zoom Workplace to version 7.0.4 for Android or 7.0.3 for iOS. If an update is not possible, consider temporarily restricting the use of the application until patches are applied.
Original NVD description (English source)
Improper Authorization in Handler for Custom URL Scheme in Zoom Workplace before version 7.0.4 for Android and before 7.0.3 for iOS may allow an unauthenticated user to conduct an escalation of privilege via network access.

