Hackers News Hackers News
  • CyberSecurity News
  • Threats
  • Attacks
  • Vulnerabilities
  • Breaches
  • Comparisons

Social Media

Hackers News Hackers News
  • CyberSecurity News
  • Threats
  • Attacks
  • Vulnerabilities
  • Breaches
  • Comparisons
Search the Site
Popular Searches:
technology Amazon AI
Recent Posts
India Halts WhatsApp Usernames Rollout Due to Fraud Concerns
July 1, 2026
Critical Cursor IDE RCE Vulnerabilities Allow Zero-Click Prompt Injection
July 1, 2026
Automated Password Spray Attacks Target Microsoft Azure CLI
July 1, 2026
Home/CyberSecurity News/Critical Zoom Rooms, Workspaces Flaws Let Attackers Escalate Privileges
CyberSecurity News

Critical Zoom Rooms, Workspaces Flaws Let Attackers Escalate Privileges

Key Takeaways Three new vulnerabilities have been identified in Zoom’s software, potentially allowing local attackers to achieve system-level access. The most critical flaws, CVE-2026-30906 and...

Sarah simpson
Sarah simpson
May 12, 2026 3 Min Read
50 0

Key Takeaways

  • Three new vulnerabilities have been identified in Zoom’s software, potentially allowing local attackers to achieve system-level access.
  • The most critical flaws, CVE-2026-30906 and CVE-2026-30905, affect Zoom Rooms for Windows and the Zoom Workplace VDI Plugin, enabling privilege escalation.
  • A lower-severity issue, CVE-2026-30904, impacts Zoom Workplace for iOS, risking sensitive information disclosure with physical device access.
  • Zoom has released patches for all identified vulnerabilities.
  • Immediate patching is crucial for all affected users and organizations to prevent exploitation.

Recently uncovered security vulnerabilities within the Zoom ecosystem present a significant risk, potentially enabling local attackers to gain full control over compromised systems. As virtual communication platforms remain central to organizational operations, these findings underscore the ongoing efforts by threat actors to exploit widely used collaboration tools.

Table Of Content

  • Key Takeaways
  • High-Severity Windows Vulnerabilities
  • Untrusted Search Path in Zoom Rooms
  • External Control of File Name or Path in VDI Plugin
  • Lower-Severity iOS Vulnerability
  • What You Should Do

Zoom has proactively addressed these concerns by issuing rapid patches for three distinct security flaws impacting Zoom Rooms for Windows, the Zoom Workplace VDI Plugin, and Zoom Workplace for iOS. The most severe of these vulnerabilities, if left unpatched, could allow authenticated users to quietly elevate their privileges and seize unauthorized control of affected devices.

High-Severity Windows Vulnerabilities

The most pressing threats stem from two high-severity vulnerabilities affecting Windows users. Both were discovered and reported to Zoom by security researcher sim0nsecurity.

Untrusted Search Path in Zoom Rooms

The first critical flaw, identified as CVE-2026-30906, resides in the Zoom Rooms installer for Windows. This vulnerability is attributed to an untrusted search path weakness, a common issue where software fails to properly validate the directories it uses to load essential files. An authenticated user with local access can exploit this oversight by placing malicious code in these unverified paths, thereby escalating their privileges and gaining deeper administrative control over the system.

External Control of File Name or Path in VDI Plugin

The second significant vulnerability, CVE-2026-30905, is present in the Zoom Workplace VDI Plugin Windows Universal Installer. This bug involves the external control of a file name or path. By manipulating how the installer processes file paths during its setup, a local attacker can compel the system to execute unauthorized commands, thus creating another dangerous avenue for privilege escalation.

Lower-Severity iOS Vulnerability

While Windows users face immediate privilege escalation risks, iOS users are exposed to a different, albeit less severe, threat. Tracked as CVE-2026-30904, this low-severity vulnerability impacts Zoom Workplace for iOS. Reported by security researcher errorsec_, the flaw involves a failure in a protection mechanism. Unlike the Windows bugs, exploiting this issue requires physical access to the iOS device. If successful, an attacker could bypass existing protections to force the application to disclose sensitive information. Due to the requirement for physical access and high privileges, its CVSS severity score is a low 1.8.

What You Should Do

  • Immediately update Zoom Rooms for Windows to the latest patched version.
  • Update the Zoom Workplace VDI Plugin for Windows to its latest secure version.
  • Update Zoom Workplace for iOS to the most recent release.
  • Establish and enforce robust patch management policies across your organization to ensure all endpoints are kept up-to-date.
  • Download and apply all updates directly from the official Zoom download portal to avoid unofficial or malicious sources.

Disclaimer: HackersRadar reports on cybersecurity threats and incidents for informational and awareness purposes only. We do not engage in hacking activities, data exfiltration, or the hosting or distribution of stolen or leaked information. All content is based on publicly available sources.

Tags:

AttackCVEExploitPatchSecurityThreatVulnerability

Share Article

Sarah simpson

Sarah simpson

Sarah is a cybersecurity journalist specializing in threat intelligence and malware analysis. With over 8 years of experience covering APT groups, zero-day exploits, and advanced persistent threats, Sarah brings deep technical expertise to breaking cybersecurity news. Previously, she worked as a security researcher at leading threat intelligence firms, where she analyzed malware samples and tracked cybercriminal operations. Sarah holds a Master's degree in Computer Science with a focus on cybersecurity and is a regular contributor to major security conferences.

Previous Post

New Vidar Stealer Campaign Evades EDR, Steals Credentials

Next Post

SAP Patches Critical SQL Injection in S/4HANA (CVE-2023-XXXXX)

No Comment! Be the first one.

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Popular Posts
Critical Fluentd Vulnerabilities Allow Remote Code Execution
July 1, 2026
Weaponized Google Ads Install Malicious Claude Code to Hijack macOS
July 1, 2026
Critical Adobe ColdFusion Vulnerabilities Let Attackers Run Code
July 1, 2026
Top Authors
Marcus Rodriguez
Marcus Rodriguez
Jennifer sherman
Jennifer sherman
Emy Elsamnoudy
Emy Elsamnoudy
Let's Connect
156k
2.25m
285k

Related Posts

Jennifer sherman
By Jennifer sherman
Threats

GlassWorm Attacks macOS via Malicious VS Code…

January 1, 2026
Emy Elsamnoudy
By Emy Elsamnoudy
Attacks

ClickFix Attack Hides Malicious Code via Stegan Security

January 1, 2026
Sarah simpson
By Sarah simpson
Vulnerabilities

MongoBleed Detector Tool Released to Detect MongoDB Vulnerability(CVE-2025-14847)

January 1, 2026
Emy Elsamnoudy
By Emy Elsamnoudy
Breaches

Conti Ransomware Gang Leaders & Infrastructure Exposed

January 1, 2026
Hackers News Hackers News
  • [email protected]

Quick Links

  • Contact Us
  • Privacy Policy
  • Terms of service

Categories

Attacks
Breaches
Comparisons
CyberSecurity News
Threats
Vulnerabilities

Let's keep in touch

receive fresh updates and breaking cyber news every day and week!

All Rights Reserved by HackersRadar ©2026

Follow Us