Zoom patches critical security flaw which could have let hackers hijack accounts



  • Zoom patches critical improper input validation flaw in multiple Windows clients and SDKs that allowed remote account takeover
  • Additional high‑severity bugs fixed include CVE‑2026‑53410 (TOCTOU race condition), CVE‑2026‑53409 (privilege management flaw), and CVE‑2026‑53411 (input validation issue)
  • All vulnerabilities were found internally, with no evidence of exploitation; users are urged to update Zoom Workplace and related products to the latest versions

Zoom has patched a critical-level vulnerability in multiple products that allowed threat actors to take over people’s accounts remotely.

In a security advisory, Zoom said it fixed an Improper Input Validation bug plaguing Zoom Desktop Client for Windows (before version 7.0.0), Zoom VDI Client for Windows (before versions 7.0.10, 6.6.15, and 6.5.18), and Zoom Meeting SDK for Windows (before version 7.0.0). It did not go into more details on how the flaw works.

https://cdn.mos.cms.futurecdn.net/oQs6iUSDCYDEV6yP7Pj9Gh-1651-80.png



Source link

Latest articles

spot_imgspot_img

Related articles

Leave a reply

Please enter your comment!
Please enter your name here

spot_imgspot_img