CVE-2026-53407

Summary

Improper Authorization in Handler for Custom URL Scheme in Zoom Workplace before version 7.0.4 for Android and before 7.0.3 for iOS may allow an unauthenticated user to conduct an escalation of privilege via network access.

Affected Software

VendorProductVersion RangeStatus
Zoom CommunicationsZoom Workplace0 < 7.0.4affected

Weaknesses

  • CWE-939: CWE-939 Improper authorization in handler for custom URL scheme

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References