Description
External Control of File Name or Path in the Mail feature of Zoom Workplace for Windows before 6.6.0 may allow an unauthenticated user to conduct an escalation of privilege via network access.
Published: 2026-03-11
Score: 9.6 Critical
EPSS: < 1% Very Low
KEV: No
Impact: Privilege Escalation
Action: Immediate Patch
AI Analysis

Impact

The vulnerability is an instance of External Control of File Name or Path (CWE‑73). It is present in the Mail feature of Zoom Workplace for Windows versions before 6.6.0. The description states that an unauthenticated user may supply a crafted file name or path that can lead to privilege escalation via network access. Based on the description, it is inferred that the application processes the supplied path in a manner that could allow the creation or modification of files with elevated privileges, enabling the attacker to gain higher privileges on the affected Windows system.

Affected Systems

Zoom Communications’ Zoom Workplace application for Windows. All releases of the Windows client prior to version 6.6.0 are considered vulnerable. No specific patch version list is supplied; therefore, any installation of Zoom Workplace for Windows before 6.6.0 is at risk.

Risk and Exploitability

The CVSS score is 9.6, indicating a critical severity. The EPSS score is less than 1%, suggesting a low likelihood of exploitation at present. The vulnerability is not listed in CISA’s KeV catalog. Through the described path, an unauthenticated network user may exploit the flaw without any user interaction beyond connectivity to the Zoom Workplace service. Based on the description, the likely attack vector is network connectivity to the Zoom Workplace service. Organizations with affected versions should regard this as a high‑risk issue and prioritize remediation.

Generated by OpenCVE AI on March 17, 2026 at 16:33 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Zoom Workplace for Windows to version 6.6.0 or later on all affected machines.
  • If an immediate upgrade is not possible, restrict network traffic to the Zoom Workplace service using firewall rules to reduce exposure.
  • Monitor Zoom Security Bulletins for additional patches or workarounds.

Generated by OpenCVE AI on March 17, 2026 at 16:33 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 20 Mar 2026 14:45:00 +0000

Type Values Removed Values Added
Title External Control of File Name or Path in Zoom Workplace Mail Feature Leads to Privilege Escalation

Thu, 12 Mar 2026 10:15:00 +0000

Type Values Removed Values Added
First Time appeared Zoom Communications
Zoom Communications zoom Workplace
Vendors & Products Zoom Communications
Zoom Communications zoom Workplace

Wed, 11 Mar 2026 16:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Wed, 11 Mar 2026 15:15:00 +0000

Type Values Removed Values Added
Description External Control of File Name or Path in the Mail feature of Zoom Workplace for Windows before 6.6.0 may allow an unauthenticated user to conduct an escalation of privilege via network access.
Weaknesses CWE-73
References
Metrics cvssV3_1

{'score': 9.6, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H'}

Subscriptions

Zoom Communications Zoom Workplace
cve-icon MITRE

Status: PUBLISHED

Assigner: Zoom

Published:

Updated: 2026-03-12T03:55:33.501Z

Reserved: 2026-03-06T18:44:57.631Z

Link: CVE-2026-30903

cve-icon Vulnrichment

Updated: 2026-03-11T15:56:00.737Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-03-11T15:16:30.247

Modified: 2026-03-12T21:08:22.643

Link: CVE-2026-30903

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-03-20T14:37:09Z

Weaknesses