CVE Catalog

CVE-2026-53408

HighCVSS 8.1
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.21%

11th percentile - higher than 11% of all known CVEs

Summary

In Zoom Workplace before version 7.0.4 for Android and before 7.0.3 for iOS, improper authorization in the handler for custom URL scheme may allow an unauthenticated user to conduct an escalation of privilege via network access.

Risk Assessment

The organization may be exposed to unauthorized access to resources, potentially leading to serious security breaches and data loss.

Recommendation

It is recommended to update the Zoom Workplace application to the latest version to mitigate this vulnerability and conduct a security audit to assess potential threats.

Original NVD description (English source)

Improper Authorization in Handler for Custom URL Scheme in Zoom Workplace before version 7.0.4 for Android and before 7.0.3 for iOS may allow an unauthenticated user to conduct an escalation of privilege via network access.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS