The Hacker News ·EN News source Patch releasedZoom Desktop ClientZoom VDI ClientZoom Meeting SDK
Zoom Patches Critical Windows Flaw That Could Enable Account Takeover
CVE Tools coverage
Zoom has issued security updates addressing a critical vulnerability affecting its Windows-based products, which could have allowed attackers to take over user accounts remotely. The flaw, identified as CVE-2026-53412 with a CVSS score of 9.8, impacts the Zoom Desktop Client, Zoom VDI Client, and Zoom Meeting SDK for Windows. According to Zoom’s advisory, an unauthenticated attacker could exploit this issue through network access without prior authentication. In addition to this critical flaw, three other high-severity vulnerabilities were also resolved in the latest releases.