CVE-2026-30902
Description
Improper Privilege Management in certain Zoom Clients for Windows may allow an authenticated user to conduct an escalation of privilege via local access.
Risk Information
Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.013
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2025-62483,CVE-2025-67460,CVE-2026-30902 are fixed in Zoom Rooms (6.6.0.6624) | Windows |
| Vulnerabilities CVE-2026-30903,CVE-2026-30902 are fixed in Zoom Workplace (6.6.0.15547) | Windows |
| Vulnerabilities CVE-2026-30903,CVE-2026-30902 are fixed in Zoom Workplace (x64) (6.6.0.15547) | Windows |
| Vulnerabilities CVE-2026-30903,CVE-2026-30902 are fixed in Zoom Workplace (EXE) (User Based) (6.6.0.15547) | Windows |
| Vulnerabilities CVE-2026-30903,CVE-2026-30902 are fixed in Zoom Workplace (EXE) (x64) (User Based) (6.6.0.15547) | Windows |
| Vulnerabilities CVE-2026-30903,CVE-2026-30902 are fixed in Zoom Outlook Plugin (6.6.0.1185) | Windows |
| Vulnerabilities CVE-2026-30903,CVE-2026-30902 are fixed in Zoom Rooms (6.6.0.6624) | Windows |
| Vulnerabilities CVE-2026-30902 are fixed in Zoom Notes Plugin (6.6.10.1194) | Windows |
| Vulnerabilities CVE-2026-30902 are fixed in Zoom Outlook Plugin (6.6.10.1192) | Windows |
| Vulnerabilities CVE-2026-30902 are fixed in Zoom Workplace (6.6.10.22255) | Windows |
| Vulnerabilities CVE-2026-30902 are fixed in Zoom Workplace (EXE) (User Based) (6.6.10.22255) | Windows |
| Vulnerabilities CVE-2026-30902 are fixed in Zoom Workplace (EXE) (x64) (User Based) (6.6.10.22255) | Windows |
| Vulnerabilities CVE-2026-30902 are fixed in Zoom Workplace (x64) (6.6.10.22255) | Windows |
| Vulnerabilities CVE-2026-30902 are fixed in Zoom Rooms (6.6.10.6938) | Windows |
| Vulnerabilities CVE-2026-30902 are fixed in Zoom VDI Universal Plugin (MSI) (x64) (6.6.10.26830) | Windows |
| Vulnerabilities CVE-2026-30902 are fixed in Zoom VDI Workplace (MSI) (x64) (6.6.10.26830) | Windows |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-355898 | Zoom Rooms (6.7.5.7278) |
| PATCH-353838 | Zoom Workplace (MSI) (6.6.11.23272) |
| PATCH-357411 | Zoom Workplace (x64) (7.0.0.33767) |
| PATCH-353839 | Zoom Workplace (User Based) (6.6.11.23272) |
| PATCH-357410 | Zoom Workplace (EXE) (x64) (User Based) (7.0.0.33767) |
| PATCH-353028 | Zoom Outlook Plugin (6.6.10.1192) |
| PATCH-355898 | Zoom Rooms (6.7.5.7278) |
| PATCH-353027 | Zoom Notes Plugin (6.6.10.1194) |
| PATCH-353028 | Zoom Outlook Plugin (6.6.10.1192) |
| PATCH-353838 | Zoom Workplace (MSI) (6.6.11.23272) |
| PATCH-353839 | Zoom Workplace (User Based) (6.6.11.23272) |
| PATCH-357410 | Zoom Workplace (EXE) (x64) (User Based) (7.0.0.33767) |
| PATCH-357411 | Zoom Workplace (x64) (7.0.0.33767) |
| PATCH-355898 | Zoom Rooms (6.7.5.7278) |
| PATCH-357113 | Zoom VDI Universal Plugin (MSI) (x64) (6.6.13.26950) |
| PATCH-357220 | Zoom VDI Workplace (MSI) (x64) (6.6.13.26950) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234