CVE-2026-53408
HighCVSS 8.1Exploitation Probability (EPSS)
Low risk11th percentile - higher than 11% of all known CVEs
Summary
In Zoom Workplace before version 7.0.4 for Android and before 7.0.3 for iOS, improper authorization in the handler for custom URL scheme may allow an unauthenticated user to conduct an escalation of privilege via network access.
Risk Assessment
The organization may be exposed to unauthorized access to resources, potentially leading to serious security breaches and data loss.
Recommendation
It is recommended to update the Zoom Workplace application to the latest version to mitigate this vulnerability and conduct a security audit to assess potential threats.
Original NVD description (English source)
Improper Authorization in Handler for Custom URL Scheme in Zoom Workplace before version 7.0.4 for Android and before 7.0.3 for iOS may allow an unauthenticated user to conduct an escalation of privilege via network access.

