CVE-2026-53406

{"id": "CVE-2026-53406", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security@zoom.us", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2026-06-12T18:16:35.457", "references": [{"url": "https://www.zoom.com/en/trust/security-bulletin/zsb-26009", "source": "security@zoom.us"}], "vulnStatus": "Undergoing Analysis", "weaknesses": [{"type": "Secondary", "source": "security@zoom.us", "description": [{"lang": "en", "value": "CWE-345"}]}], "descriptions": [{"lang": "en", "value": "Insufficient Verification of Data Authenticity in Remote Control for Zoom Contact Center for Windows before version 7.0.0 may allow an authenticated user to enable an escalation of privilege via local access."}], "lastModified": "2026-06-15T20:52:58.193", "sourceIdentifier": "security@zoom.us"}