CVE-2026-30905

Summary

External Control of File Name or Path in the Zoom Workplace VDI Plugin Windows Universal Installer before version 6.6.11 may allow an authenticated user to conduct an escalation of privilege via local access.

Affected Software

VendorProductVersion RangeStatus
Zoom CommunicationsZoom Workplace VDI Plugin0 < 6.6.11affected

Weaknesses

  • CWE-73: CWE-73 External control of file name or path

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References