Improper Authorization in Handler for Custom URL Scheme in Zoom Workplace before version 7.0.4 for Android and before 7.0.3 for iOS may allow an unauthenticated user to conduct an escalation of privilege via network access.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:NZoom Meeting Software Development Kit
APPZoom< 7.0.3< 7.0.4Zoom Workplace
APPZoom< 7.0.3< 7.0.4
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
Related vulnerabilities
CVE-2025-49457CRITICAL9.6PL ✓ten sam produkt
Untrusted search path w klientach Zoom dla Windows — privilege escalation przez sieć
CVE-2024-24691CRITICAL9.6PL ✓ten sam produkt
Privilege escalation w Zoom Desktop Client, VDI Client i Meeting SDK dla Windows
CVE-2026-53407HIGH8.1ten sam produkt
Improper Authorization in Handler for Custom URL Scheme in Zoom Workplace before version 7.0.4 for Android and...
CVE-2026-30900HIGH7.8ten sam produkt
Improper Check of minimum version in update functionality of certain Zoom Clients for Windows may allow an aut...
CVE-2025-62484HIGH8.1ten sam produkt
Inefficient regular expression complexity in certain Zoom Workplace Clients before version 6.5.10 may allow an...