Vulnerability Details CVE-2026-53407
Improper Authorization in Handler for Custom URL Scheme in Zoom Workplace before version 7.0.4 for Android and before 7.0.3 for iOS may allow an unauthenticated user to conduct an escalation of privilege via network access.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 13.8%
CVSS Severity
CVSS v3 Score 8.1
Products affected by CVE-2026-53407
-
cpe:2.3:a:zoom:workplace:5.17.11
-
cpe:2.3:a:zoom:workplace:5.17.5
-
cpe:2.3:a:zoom:workplace:6.0.0
-
cpe:2.3:a:zoom:workplace:6.0.12
-
cpe:2.3:a:zoom:workplace:6.1.0
-
cpe:2.3:a:zoom:workplace:6.2.0
-
cpe:2.3:a:zoom:workplace:6.2.5
-
cpe:2.3:a:zoom:workplace:6.3.0
-
cpe:2.3:a:zoom:workplace:6.3.10
-
cpe:2.3:a:zoom:workplace:6.4.0
-
cpe:2.3:a:zoom:workplace:6.5.0
-
cpe:2.3:a:zoom:workplace:6.5.10