CVE-2026-22844
Command Injection in Zoom MMR Enables Remote Code Execution
Publication date: 2026-01-20
Last updated on: 2026-01-20
Assigner: Zoom Video Communications, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| zoom | node_multimedia_routers | to 5.2.1716.0 (exc) |
| zoom | node_meetings_hybrid | to 5.2.1716.0 (exc) |
| zoom | node_meeting_connector | to 5.2.1716.0 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-78 | The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component. |
Attack-Flow Graph
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The vulnerability allows remote code execution on Zoom Node Multimedia Routers, potentially compromising confidentiality, integrity, and availability of data. Such a compromise could lead to violations of data protection requirements under standards like GDPR and HIPAA, which mandate safeguarding sensitive information and ensuring system security. Therefore, if exploited, this vulnerability may negatively impact compliance with these regulations by exposing protected data or disrupting secure operations. [1]
Can you explain this vulnerability to me?
This vulnerability is a critical Command Injection flaw in Zoom Node Multimedia Routers (MMRs) before version 5.2.1716.0. It allows a meeting participant to execute remote code on the MMR via network access, meaning an attacker can run arbitrary commands on the affected system remotely. [1]
How can this vulnerability impact me? :
The vulnerability can lead to remote code execution on the affected Zoom MMR, potentially compromising the confidentiality, integrity, and availability of the system. This means an attacker could take control of the MMR, access sensitive data, disrupt services, or alter system operations. [1]
What immediate steps should I take to mitigate this vulnerability?
Administrators are strongly advised to update Zoom Node Multimedia Routers (MMRs) to version 5.2.1716.0 or later following Zoom's update management procedures to mitigate the risk of this critical Command Injection vulnerability. [1]