Zoom Clients for Windows - Improper Privilege Management

Bulletin: ZSB-26004
CVEID: CVE-2026-30902
CVSS Severity: High
CVSS Score: 7.8
CVSS Vector String: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Description:

Improper Privilege Management in certain Zoom Clients for Windows may allow an authenticated user to conduct an escalation of privilege via local access.

Users can help keep themselves secure by applying the latest updates available at https://zoom.us/download.

Affected Products:

Zoom Workplace for Windows before version 6.6.0
Zoom Workplace VDI Client for Windows before versions 6.4.15 and 6.5.13 and 6.6.10 in their respective branch
Zoom Rooms for Windows before version 6.6.0

Source:

Reported by sim0nsecurity

Revision	Date	Description
1.0	03/10/2026	Initial publication.

Zoom Clients for Windows - Improper Privilege Management

Subscribe for updates