Privilege Escalation in Zoom Clients for Windows by Zoom
CVE-2026-53410

7HIGH

Key Information:

Vendor
CVE Published:
16 July 2026

Badges

đź“° News Worthy

What is CVE-2026-53410?

A time-of-check to time-of-use (TOCTOU) race condition in the installation and uninstallation process of certain Zoom Clients for Windows enables an authenticated local user to potentially escalate their privileges. This vulnerability exposes systems to elevated risks if exploited, allowing unauthorized access to sensitive functionalities within the application. Regular updates and security awareness are crucial to mitigate risks associated with these types of vulnerabilities.

Affected Version(s)

Zoom Clients Windows see references

News Articles

Zoom Patches Critical Account Takeover Vulnerability for Windows  | eSecurity Planet

Zoom patched a critical Windows vulnerability that could enable unauthenticated account takeover.

1 day ago

References

CVSS V3.1

Score:
7
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • đź“°

    First article discovered by Esecurity Planet

  • Vulnerability published

  • Vulnerability Reserved

.