CVE Catalog

CVE-2026-53407

HighCVSS 8.1
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.23%

14th percentile - higher than 14% of all known CVEs

Summary

Improper Authorization in Handler for Custom URL Scheme in Zoom Workplace before version 7.0.4 for Android and before 7.0.3 for iOS may allow an unauthenticated user to conduct an escalation of privilege via network access.

Risk Assessment

The risk involves an attacker potentially gaining elevated privileges within the application without authentication, which could lead to unauthorized access to sensitive data or functions.

Recommendation

Immediately update Zoom Workplace to version 7.0.4 for Android or 7.0.3 for iOS. If an update is not possible, consider temporarily restricting the use of the application until patches are applied.

Original NVD description (English source)

Improper Authorization in Handler for Custom URL Scheme in Zoom Workplace before version 7.0.4 for Android and before 7.0.3 for iOS may allow an unauthenticated user to conduct an escalation of privilege via network access.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS