Description
External Control of File Name or Path in the Zoom Workplace VDI Plugin Windows Universal Installer before version 6.6.11 may allow an authenticated user to conduct an escalation of privilege via local access.
Published: 2026-05-13
Score: 7.8 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

An authenticated Windows user can supply arbitrary file names or paths during installation of the Zoom Workplace VDI Plugin, allowing the installer to write files to unintended locations. This external control of file names or paths, identified as CWE‑73 and CWE‑610, can result in local privilege escalation because the plugin may run with higher permissions than the user, enabling the replacement of critical system files or configuration data.

Affected Systems

The vulnerability affects Zoom Communications’ Zoom Workplace VDI Plugin distributed via the Windows Universal Installer for versions earlier than 6.6.11.

Risk and Exploitability

The CVSS score of 7.8 indicates high severity for an authenticated local user. The EPSS score of < 1% shows a very low probability of exploitation, and the vulnerability is not listed in CISA KEV, suggesting no known exploitation. The likely attack vector involves a local authenticated Windows user who has installed the plugin; if the attacker can control the installer’s input, they may place malicious files with elevated privileges.

Generated by OpenCVE AI on June 3, 2026 at 04:38 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the Zoom Workplace VDI Plugin to version 6.6.11 or later, which removes the uncontrolled file path handling.
  • Restrict installation rights to trusted, non‑privileged accounts so only authorized personnel can install or modify the plugin.
  • Deploy application whitelisting or file integrity monitoring to detect and block unauthorized writes to critical system directories during plugin installation.



Advisories

No advisories yet.

History

Wed, 03 Jun 2026 05:00:00 +0000

Type Values Removed Values Added
Title External Control of File Name or Path Leading to Escalation of Privilege in Zoom Workplace VDI Plugin

Wed, 03 Jun 2026 02:30:00 +0000

Type Values Removed Values Added
First Time appeared Zoom workplace Virtual Desktop Infrastructure
Weaknesses CWE-610
CPEs cpe:2.3:a:zoom:workplace_virtual_desktop_infrastructure:*:*:*:*:*:windows:*:*
Vendors & Products Zoom workplace Virtual Desktop Infrastructure

Thu, 14 May 2026 15:00:00 +0000

Type Values Removed Values Added
First Time appeared Zoom
Zoom workplace Vdi Plugin
Vendors & Products Zoom
Zoom workplace Vdi Plugin

Wed, 13 May 2026 20:00:00 +0000

Type Values Removed Values Added
Title External Control of File Name or Path Leading to Escalation of Privilege in Zoom Workplace VDI Plugin

Wed, 13 May 2026 19:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Wed, 13 May 2026 18:30:00 +0000

Type Values Removed Values Added
Description External Control of File Name or Path in the Zoom Workplace VDI Plugin Windows Universal Installer before version 6.6.11 may allow an authenticated user to conduct an escalation of privilege via local access.
Weaknesses CWE-73
References
Metrics cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}


MITRE

Status: PUBLISHED

Assigner: Zoom

Published:

Updated: 2026-05-15T03:56:05.013Z

Reserved: 2026-03-06T18:44:57.631Z

Link: CVE-2026-30905

Vulnrichment

Updated: 2026-05-13T18:54:46.375Z

NVD

Status: Analyzed

Published: 2026-05-13T19:17:05.367

Modified: 2026-06-03T01:26:11.010

Link: CVE-2026-30905

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-03T04:45:25Z

Weaknesses