Print - 【Vulnerability Alert】Zoom Workplace for Windows contains a critical security vulnerability (CVE-2026-30903).

【Vulnerability Alert】Zoom Workplace for Windows contains a critical security vulnerability (CVE-2026-30903).

publish date : 2026-03-13 update date : 2026-03-13

Source: Ministry of education information & communication security contingency platform

"" "" ""


Publication Number	TACERT-ANA-2026031210035555	Publication Time	2026/03/12 10:35
Incident Type	ANA-Vulnerability Alert	Discovery Time	2026/03/12 10:35
Impact Level	Low
[Subject] 【Vulnerability Alert】Zoom Workplace for Windows contains a critical security vulnerability (CVE-2026-30903).
[Content] Forwarded from TWCERTCC-200-202603-00000009 Recently, Zoom released a critical security advisory for Zoom Workplace for Windows (CVE-2026-30903, CVSS: 9.6). The vulnerability exists in the mail feature, where file names or paths can be controlled externally, potentially allowing an unauthenticated attacker to access the system over a network and escalate privileges. (Information Sharing Level: WHITE (Information content can be publicly disclosed)
[Affected Platform] Zoom Workplace for Windows versions prior to 6.6.0 Zoom Workplace VDI Client for Windows versions prior to 6.4.17, 6.5.15, and 6.6.10
[Recommended Actions] Apply the remediation according to the solution provided on the official website: https://www.zoom.com/en/trust/security-bulletin/zsb-26005/
[Reference] 1. https://www.twcert.org.tw/tw/cp-169-10758-31469-1.html

(This notification is for informational purposes only and does not constitute a cybersecurity incident).
If you have questions or suggestions regarding this notification, please feel free to contact us.
Ministry of education information & communication security contingency platform
Website: https://info.cert.tanet.edu.tw/
Phone: +886-7-5250211
Internet Phone: 98400000
E-Mail: service@cert.tanet.edu.tw

Organizer: Computer Center