A time-of-check to time-of-use (TOCTOU) race condition in the installation and uninstallation process of certain Zoom Clients for Windows could allow an authenticated local user to escalate privileges.
Metrics
Affected Vendors & Products
References
| Link | Providers |
|---|---|
| https://www.zoom.com/en/trust/security-bulletin/zsb-26013 |
|
History
Fri, 17 Jul 2026 14:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Thu, 16 Jul 2026 21:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A time-of-check to time-of-use (TOCTOU) race condition in the installation and uninstallation process of certain Zoom Clients for Windows could allow an authenticated local user to escalate privileges. | |
| Title | Zoom Workplace VDI Plugin for Windows - Improper Input Validation | |
| Weaknesses | CWE-20 | |
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: Zoom
Published:
Updated: 2026-07-17T13:19:18.986Z
Reserved: 2026-06-09T10:18:05.660Z
Link: CVE-2026-53411
Updated: 2026-07-17T13:19:15.282Z
No data.
No data.
OpenCVE Enrichment
No data.