CVE-2026-53406
Received - Intake
Insufficient Verification of Data Authenticity in Zoom Contact Center for Windows

Publication date: 2026-06-12

Last updated on: 2026-06-12

Assigner: Zoom Video Communications, Inc.

Description
Insufficient Verification of Data Authenticity in Remote Control for Zoom Contact Center for Windows before version 7.0.0 may allow an authenticated user to enable an escalation of privilege via local access.
Meta Information
Published: 2026-06-12
Last Modified: 2026-06-12
Generated: 2026-06-13
AI Q&A: 2026-06-12
EPSS Evaluated: N/A
Affected Vendors & Products
Showing 1 associated CPE
Vendor | Product | Version / Range
zoom | contact_center | to 7.0.0 (exc)
CWE ID | Description
CWE-345 | The product does not sufficiently verify the origin or authenticity of data, in a way that causes it to accept invalid data.
Executive Summary

CVE-2026-53406 is a vulnerability in the Remote Control feature of Zoom Contact Center for Windows versions before 7.0.0. It involves insufficient verification of data authenticity, which means the system does not properly confirm that the data it receives is genuine and trustworthy.

This flaw allows an authenticated user with local access to potentially escalate their privileges, meaning they could gain higher-level permissions than intended.

Impact Analysis

This vulnerability can have a significant impact because it allows an authenticated local user to escalate their privileges on the affected system.

  • An attacker with local access could gain higher permissions, potentially leading to unauthorized access to sensitive data or system controls.
  • The vulnerability has a high severity rating with a CVSS score of 7.8, indicating a substantial risk to confidentiality, integrity, and availability.
  • Exploitation could result in compromise of system security and unauthorized actions performed by the attacker.

Mitigation Strategies

To mitigate the CVE-2026-53406 vulnerability, users should update Zoom Contact Center on Windows systems to version 7.0.0 or later.

Applying the latest updates from Zoom's official download page is recommended to maintain security and prevent privilege escalation via the Remote Control feature.
