Zoom Rooms Windows 6.6.5 PrivEsc in Kiosk Mode
CVE-2026-30901 Published on March 11, 2026

Zoom Rooms for Windows - Improper Input Validation
Improper Input Validation in Zoom Rooms for Windows before 6.6.5 in Kiosk Mode may allow an authenticated user to conduct an escalation of privilege via local access.

NVD

Vulnerability Analysis

CVE-2026-30901 can be exploited with local system access, and requires small amount of user privileges. This vulnerability is consided to have a high level of attack complexity. The potential impact of an exploit of this vulnerability is considered to be very high.

Attack Vector:

LOCAL

Attack Complexity:

HIGH

Privileges Required:

LOW

User Interaction:

NONE

Scope:

UNCHANGED

Confidentiality Impact:

HIGH

Integrity Impact:

HIGH

Availability Impact:

HIGH

Weakness Type

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Products Associated with CVE-2026-30901

Want to know whenever a new CVE is published for Zoom Rooms? stack.watch will email you.

Zoom Rooms

Affected Versions

Zoom Communications Inc. Zoom Rooms:

Before 6.6.5 is affected.

Zoom Rooms Windows 6.6.5 PrivEsc in Kiosk ModeCVE-2026-30901 Published on March 11, 2026

Vulnerability Analysis

Weakness Type

Improper Input Validation

Products Associated with CVE-2026-30901

Affected Versions

Zoom Rooms Windows 6.6.5 PrivEsc in Kiosk Mode
CVE-2026-30901 Published on March 11, 2026