Plattform
zoom
Komponente
zoom-workplace
CVE-2026-30902 describes an improper privilege management vulnerability within certain Zoom Workplace clients for Windows. This flaw allows an authenticated user possessing local access to escalate their privileges, potentially gaining unauthorized control over the system. The vulnerability impacts versions of Zoom Workplace for Windows up to those listed in the references. A fix is expected to be released by Zoom.
Successful exploitation of CVE-2026-30902 could allow an attacker with legitimate user credentials and local access to a Windows machine running a vulnerable Zoom Workplace client to elevate their privileges. This could grant them administrative rights, enabling them to install malware, access sensitive data, modify system configurations, or compromise the entire system. The impact is particularly concerning in environments where user accounts have broad permissions or where local administrator accounts are not adequately secured. While the vulnerability requires local access, it represents a significant risk for insider threats or attackers who have already gained a foothold on the system.
CVE-2026-30902 was publicly disclosed on 2026-03-11. Currently, there are no publicly available proof-of-concept exploits. The EPSS score is pending evaluation. Monitor security advisories from Zoom and CISA for updates on exploitation activity and potential KEV listing.
Organizations and individuals using Zoom Workplace for Windows are at risk, particularly those with less stringent local access controls. Environments where users have broad administrative privileges or where Zoom clients are deployed on shared workstations are especially vulnerable.
• windows / supply-chain:
Get-Process zoom* | Select-Object ProcessName, Path, CommandLine• windows / supply-chain:
Get-WinEvent -LogName Application -FilterXPath "*[System[Provider[@Name='Zoom Workplace']]]" -MaxEvents 10• windows / supply-chain: Check Autoruns for suspicious Zoom-related entries (using Autoruns utility from Sysinternals).
disclosure
Exploit-Status
EPSS
0.01% (2% Perzentil)
CISA SSVC
CVSS-Vektor
The primary mitigation for CVE-2026-30902 is to upgrade to the patched version of Zoom Workplace for Windows as soon as it becomes available. Until the patch is applied, organizations should implement stricter local access controls. This includes limiting the number of users with local administrator privileges, enforcing strong password policies, and regularly auditing user account permissions. Consider implementing multi-factor authentication (MFA) for local logins to add an extra layer of security. As a temporary workaround, restrict local access to the Zoom Workplace client to only authorized personnel.
Aktualisieren Sie auf die neueste Version von Zoom Workplace für Windows. Dies behebt die Schwachstelle der Berechtigungserweiterung.
Schwachstellenanalysen und kritische Warnungen direkt in deinen Posteingang.
CVE-2026-30902 is a HIGH severity vulnerability in Zoom Workplace for Windows that allows an authenticated user with local access to escalate their privileges.
If you are using a version of Zoom Workplace for Windows (≤ see references), you may be affected. Check the official Zoom advisory for specific affected versions.
Upgrade to the latest patched version of Zoom Workplace for Windows. Refer to the official Zoom advisory for instructions and download links.
Currently, there are no reports of active exploitation of CVE-2026-30902, but it's crucial to apply the patch proactively.
Refer to the official Zoom security advisory, which can be found on the Zoom security website (see references in the CVE details).
Lade deine Abhängigkeitsdatei hoch und erfahre sofort, ob dich diese und andere CVEs treffen.