Zoom Workplace for Windows flaws can let attackers gain elevated access
Zoom has disclosed four Windows security vulnerabilities, including one Critical flaw that could let an unauthenticated attacker escalate privileges over the network. The issues affect Zoom Workplace for Windows, Zoom Clients for Windows, and Zoom Rooms for Windows, and Zoom published all four bulletins on March 10, 2026.
The most serious issue is CVE-2026-30903, tracked by Zoom as ZSB-26005. Zoom classifies it as a Critical “External Control of File Name or Path” vulnerability in Zoom Workplace for Windows. The bulletin page lists the flaw as affecting Zoom Workplace for Windows, and Zoom’s release notes point users to the latest app build through its Download Center.
For businesses, this is a patch-now update. A privilege escalation flaw inside a widely used collaboration app can become a useful stepping stone after phishing, malware delivery, or lateral movement. In this case, Zoom’s own bulletin list shows that the Critical flaw sits alongside three High-severity Windows issues published the same day.
What Zoom disclosed on March 10
Zoom’s official security bulletin page lists these four new Windows flaws:
| CVE | Zoom bulletin | Affected product | Vulnerability type | Severity | Published |
|---|---|---|---|---|---|
| CVE-2026-30903 | ZSB-26005 | Zoom Workplace for Windows | External Control of File Name or Path | Critical | March 10, 2026 |
| CVE-2026-30902 | ZSB-26004 | Zoom Clients for Windows | Improper Privilege Management | High | March 10, 2026 |
| CVE-2026-30901 | ZSB-26003 | Zoom Rooms for Windows | Improper Input Validation | High | March 10, 2026 |
| CVE-2026-30900 | ZSB-26002 | Zoom Workplace Clients for Windows | Improper Check | High | March 10, 2026 |
The headline vulnerability is CVE-2026-30903 because Zoom ranks it as Critical, while the other three receive High severity ratings. Zoom does not publish detailed exploit steps on the bulletin page, but it clearly advises customers to update to the latest version to get the fixes and security improvements.
The Critical Zoom Workplace bug stands out
CVE-2026-30903 affects Zoom Workplace for Windows. Zoom labels it as an “External Control of File Name or Path” issue, a weakness class that can open the door to unauthorized operations when software mishandles file references or paths.
Versions earlier than 6.6.0 are reported to be affected. Zoom’s public bulletin page confirms the CVE and severity, while Zoom’s Windows Workplace release notes direct users to current releases through the official Download Center. Based on those official pages, the safe practical takeaway is straightforward: update Zoom Workplace for Windows to the newest available patched build from Zoom.
Three more High-severity Windows vulnerabilities
The other three March 10 bulletins (https://www.zoom.com/en/trust/security-bulletin/) are also important because they hit Windows deployments across different Zoom products. Zoom lists them as:
- CVE-2026-30902 in Zoom Clients for Windows, described as Improper Privilege Management
- CVE-2026-30901 in Zoom Rooms for Windows, described as Improper Input Validation
- CVE-2026-30900 in Zoom Workplace Clients for Windows, described as Improper Check
Each one could help an attacker move from limited access to higher privileges or trigger unintended behavior on a Windows system. Even without public proof of in-the-wild exploitation, these are the kinds of flaws IT teams usually treat seriously because Zoom often runs on employee laptops, meeting room systems, and managed enterprise desktops.
Why enterprises should move fast
Zoom says it does not provide customer-specific impact guidance in its bulletin listings, but it does recommend updating to the latest version of Zoom software to get the newest fixes and security improvements. That statement matters because all four bulletins landed together, with one Critical and three High-severity issues affecting Windows software.
For enterprise teams, the risk goes beyond a single endpoint. A vulnerable collaboration app can sit on user devices, virtual desktop environments, and conference room systems. If attackers find a way in, privilege escalation bugs can help them dig deeper into the environment. That makes rapid patching, version inventory, and Windows endpoint monitoring especially important after this batch of disclosures. This risk assessment is an inference based on the affected product types and the privilege-escalation nature of the flaws.
What admins and users should do now
Zoom’s official guidance is simple: update to the latest version. The Zoom Workplace app release notes say users can download the latest version from the Download Center, and the security bulletin page says customers should update to the newest software for fixes and security improvements.
- Update Zoom Workplace for Windows to the latest patched release from Zoom
- Update Zoom Clients for Windows and Zoom Rooms for Windows as well
- Check managed endpoints for older Zoom builds still in circulation
- Prioritize Windows systems used for email, meetings, shared workspaces, and VDI
- Watch for unusual behavior tied to Zoom-related processes after patching
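One way to carry out the version check in the list above, as an added example that is not from Zoom or the original article: a PowerShell script that reads the standard Windows uninstall registry keys and flags Zoom installs older than a minimum version. The `Zoom*` display-name match, the `ConvertTo-ZoomVersion` helper and the leading dotted-number version format are assumptions; 6.6.0 is the threshold the article cites for Zoom Workplace, and fixed versions for the other products should come from Zoom's bulletins.

```powershell
param(
    # 6.6.0 is the threshold the article cites for Zoom Workplace for Windows.
    # Pass the fixed version from Zoom's bulletin when checking other products.
    [version]$MinimumVersion = '6.6.0'
)

# Standard Windows uninstall locations: 64-bit, 32-bit, and per-user installs.
# HKCU only covers the account that runs the script.
$uninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

function ConvertTo-ZoomVersion {
    param([string]$DisplayVersion)
    # Assumption: DisplayVersion begins with a dotted numeric version and may
    # carry a trailing build suffix. Returns $null when that does not hold.
    if ($DisplayVersion -match '^\s*(\d+(\.\d+){1,3})') {
        return [version]$Matches[1]
    }
    return $null
}

$results = Get-ItemProperty -Path $uninstallKeys -ErrorAction SilentlyContinue |
    Where-Object { $_.DisplayName -like 'Zoom*' } |
    ForEach-Object {
        $parsed = ConvertTo-ZoomVersion $_.DisplayVersion
        # Versions that cannot be parsed are sent to manual review, never
        # silently treated as patched.
        if (-not $parsed) {
            $status = 'Review'
        } elseif ($parsed -lt $MinimumVersion) {
            $status = 'Outdated'
        } else {
            $status = 'OK'
        }
        [pscustomobject]@{
            Computer = $env:COMPUTERNAME
            Product  = $_.DisplayName
            Version  = $_.DisplayVersion
            Status   = $status
        }
    }

$results | Sort-Object Status, Product | Format-Table -AutoSize
```

A two-part version such as `6.6` compares lower than `6.6.0` under .NET's `[version]` ordering, so such entries show as Outdated and need a manual look.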
Quick summary
| Key point | Details |
|---|---|
| Total bulletins | Four |
| Date published | March 10, 2026 |
| Most severe flaw | CVE-2026-30903 |
| Severity spread | One Critical, three High |
| Main affected platforms | Zoom Workplace for Windows, Zoom Clients for Windows, Zoom Rooms for Windows |
| Official advice | Update to the latest Zoom software |
FAQ
CVE-2026-30903 is the most serious one. Zoom rates it Critical and lists it under bulletin ZSB-26005 for Zoom Workplace for Windows.
No. Zoom’s March 10 bulletin list also includes flaws affecting Zoom Clients for Windows and Zoom Rooms for Windows.
On the official bulletin listing page, Zoom identifies the CVEs, affected products, and severity ratings, but the page does not say these March 10 Windows flaws are under active exploitation.
Install the latest Zoom software from Zoom’s official update channel or Download Center. That is the main mitigation Zoom provides publicly.
Zoom publishes these notices on its official Security Bulletins page and maintains product release notes on its support site.