CVE-2026-53406
Analyzed
Analyzed - Analysis Complete
Insufficient Verification of Data Authenticity in Zoom Contact Center for Windows
Vulnerability report for CVE-2026-53406, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.
Publication date: 2026-06-12
Last updated on: 2026-06-29
Assigner: Zoom Video Communications, Inc.
Description
Description
Insufficient Verification of Data Authenticity in Remote Control for Zoom Contact Center for Windows before version 7.0.0 may allow an authenticated user to enable an escalation of privilege via local access.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| zoom | remote_control | to 7.0.0 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-345 | The product does not sufficiently verify the origin or authenticity of data, in a way that causes it to accept invalid data. |