Cyber Resilience

CVE-2026-30900

HighUpdated

Published: 11 March 2026

Published
11 March 2026
Modified
14 May 2026
KEV Added
Patch
CVSS Score v3.1 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0002 5.5th percentile
Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2026-30900 is a high-severity Improper Check for Unusual or Exceptional Conditions (CWE-754) vulnerability in Zoom Meeting Software Development Kit. Its CVSS base score is 7.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 5.5th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-2 (Flaw Remediation) and AC-6 (Least Privilege).

Deeper analysis

CVE-2026-30900 involves an improper check of minimum version in the update functionality of certain Zoom Clients for Windows. This flaw, linked to CWE-754, enables an authenticated user to conduct an escalation of privilege via local access. It carries a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) and was published on 2026-03-11T15:16:29.787.

A local attacker with low privileges, such as an authenticated user on the Windows system, can exploit this vulnerability due to its low attack complexity and lack of need for user interaction. Successful exploitation allows high-impact gains in confidentiality, integrity, and availability, typically manifesting as privilege escalation.

Zoom's security bulletin at https://www.zoom.com/en/trust/security-bulletin/zsb-26002 provides details on advisories and patches for mitigation.

EU & UK References

Vulnerability details

Improper Check of minimum version in update functionality of certain Zoom Clients for Windows may allow an authenticated user to conduct an escalation of privilege via local access.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

Local privilege escalation via improper minimum version check in Zoom update functionality directly matches exploitation of a software vulnerability for privilege escalation.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2025-27439Same product: Zoom Meeting Software Development Kit
CVE-2025-0151Same product: Zoom Meeting Software Development Kit
CVE-2025-0147Same product: Zoom Meeting Software Development Kit
CVE-2026-30902Same product: Zoom Workplace Desktop
CVE-2025-27440Same product: Zoom Meeting Software Development Kit
CVE-2024-45421Same product: Zoom Meeting Software Development Kit
CVE-2026-30903Same product: Zoom Workplace Desktop
CVE-2024-45418Same product: Zoom Meeting Software Development Kit
CVE-2025-49457Same product: Zoom Meeting Software Development Kit
CVE-2026-30905Same product: Zoom Workplace Virtual Desktop Infrastructure

Affected Assets

zoom
meeting software development kit
6.6.0 — 6.6.11
zoom
workplace desktop
6.6.0 — 6.6.11
zoom
workplace virtual desktop infrastructure
≤ 6.6.10

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly requires timely patching of the improper minimum version check flaw in Zoom Client update functionality as detailed in the vendor security bulletin.

prevent

Verifies software integrity during updates to detect and prevent exploitation of improper version checks that could lead to privilege escalation.

prevent

Enforces least privilege on processes including update mechanisms, limiting the scope and success of local privilege escalation by low-privileged authenticated users.

References