CVE-2026-30900
Description
Improper Check of minimum version in update functionality of certain Zoom Clients for Windows may allow an authenticated user to conduct an escalation of privilege via local access.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
An improper version check in Zoom Workplace Clients for Windows update functionality lets authenticated local attackers escalate privilege.
Vulnerability
Overview
The vulnerability, identified as CVE-2026-30900, resides in the update functionality of certain Zoom clients for Windows. The root cause is an improper check of the minimum version during the update process. This flaw allows an authenticated user to potentially bypass version validation controls [1].
Exploitation
Prerequisites
Exploitation requires local access to the affected Windows system and valid authentication credentials. There is no network attack vector; the CVSS vector string (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) indicates a local attack with low complexity and low privileges required. No user interaction is needed [1].
Impact
Successful exploitation could lead to a full escalation of privilege, granting the attacker higher-level system access. The CVSS confidentiality, integrity, and availability impact ratings are all High, meaning the attacker could potentially read sensitive data, modify system configurations, or cause service disruption [1].
Mitigation
Zoom has released patches. Affected products include Zoom Workplace for Windows before version 6.6.11 in the 6.6.x branch, and Zoom Workplace VDI Client for Windows version 6.6.10 specifically. Users should update to the latest versions available at zoom.us/download [1].
AI Insight generated on May 18, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Zoom Communications Inc./Zoom Workplace, v5, Range: 6.6.0
Patches
No patches discovered yet.
References
[1] www.zoom.com/en/trust/security-bulletin/zsb-26002 (nvd, Vendor Advisory)