This is a summary of the AI-generated 10-question deep analysis.
Q1 What is this vulnerability? (Essence + Consequences)
**Essence**: A security flaw in the email feature of **Zoom Workplace**. The client fails to validate **file names/paths** that are controlled by external input.…
**Root Cause**: **CWE-73** (External Control of File Name or Path). The flaw lies in how the email functionality handles file paths supplied from outside the application, so an externally chosen name can influence which file is read or written.…
**Affected Vendor**: **Zoom Communications**. **Product**: **Zoom Workplace** (Desktop Application). **Version**: All versions **prior to 6.6.0**. If you are running an older build, you are vulnerable.
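To make the CWE-73 pattern concrete, here is an added illustration (my code, not Zoom's; this page says nothing about how Zoom Workplace handles attachments internally) of a generic mail client saving an attachment under a sender-controlled file name. The storage directory, the function names and the sample attachment names are all constructed for the example. The unsafe variant joins the external name straight onto the storage directory; the hardened variant rejects any name containing a path separator or consisting only of dots, then confirms the resolved path still sits inside the store.

```python
import os
from pathlib import Path

# Hypothetical attachment store; the directory does not need to exist for the
# path logic below to run, because resolve() only normalises the string.
ATTACH_DIR = Path("/srv/mailstore/attachments")


def unsafe_attachment_path(base: Path, sender_name: str) -> Path:
    """CWE-73 pattern: the file name comes straight from the message sender.

    '..' components walk out of the store, and an absolute name replaces
    the base entirely (pathlib drops 'base' when the right operand is absolute).
    """
    return base / sender_name


def escapes_store(base: Path, candidate: Path) -> bool:
    """True when the normalised candidate path is not inside base."""
    base_r = base.resolve()
    cand_r = candidate.resolve()
    return base_r not in cand_r.parents


def safe_attachment_path(base: Path, sender_name: str) -> Path:
    """Hardened version: validate the external name, then re-check the result."""
    # Treat both separator styles as hostile, whatever the host OS uses.
    if not sender_name or "/" in sender_name or "\\" in sender_name:
        raise ValueError("attachment name must be a single path component")
    if "\x00" in sender_name or sender_name.strip(".") == "":
        raise ValueError("attachment name rejected")
    candidate = base / sender_name
    # Defence in depth: even a name that passed the checks above must resolve
    # to a location inside the store.
    if escapes_store(base, candidate):
        raise ValueError("attachment path escapes the store")
    return candidate


# Constructed sample names an attacker might put in a MIME filename= parameter.
SAMPLE_NAMES = [
    "report.pdf",
    "../../../etc/cron.d/evil",
    "/etc/passwd",
    "..\\..\\Windows\\evil.exe",
]


def classify(names=SAMPLE_NAMES, base=ATTACH_DIR):
    """Return {name: (unsafe_escapes, hardened_accepts)} for each sample name."""
    out = {}
    for name in names:
        unsafe_escapes = escapes_store(base, unsafe_attachment_path(base, name))
        try:
            safe_attachment_path(base, name)
            accepted = True
        except ValueError:
            accepted = False
        out[name] = (unsafe_escapes, accepted)
    return out


if __name__ == "__main__":
    for name, (esc, ok) in classify().items():
        print(f"{name!r:32} unsafe-escapes={esc!s:5} hardened-accepts={ok}")
```

On a POSIX host the backslash name stays inside the store even in the unsafe variant, because the backslashes are ordinary filename characters there; on Windows the same string walks out of the store. That platform dependence is why the hardened version rejects both separator styles regardless of where it runs, rather than trusting the resolve() check alone.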
Q4 What can hackers do? (Privileges/Data)
**Attacker Capabilities**: **Privilege escalation**; an attacker can reach files or directories that should be out of reach. **Impact**: High loss of Confidentiality, Integrity and Availability.…
**Exploitation Threshold**: **Auth**: **None required** (PR:N); the attacker needs no account or session on the client. **UI**: **Required** (UI:R); a victim must perform an action in the client before the flaw is triggered, so the attack is not fully unattended.…
**Public Exploit**: **No**. The tracked `pocs` list is empty: no proof-of-concept or in-the-wild exploit code is known at the time of writing, so the risk is currently assessed from the description alone.
Q7 How to self-check? (Features/Scanning)
**Self-Check**: 1. Check your Zoom Workplace version: is it **< 6.6.0**? Compare the version components numerically rather than as strings. 2. Review the email feature for suspicious file paths: look in your email logs for attachment or file names containing path separators or `..` sequences. 3.…
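Step 1 above is a numeric comparison, and the classic mistake is to compare version strings lexically, which misreads 6.10.x as older than 6.6.0. The following added example (my code, not Zoom's or the analysis site's) parses the major.minor.patch triple and compares it against 6.6.0 as integers. The macOS lookup assumes the client is still installed as /Applications/zoom.us.app and exposes its version as CFBundleShortVersionString; that path and key are assumptions, and the sample version strings are constructed.

```python
import plistlib
import re
from pathlib import Path

FIXED_VERSION = (6, 6, 0)  # first fixed release per the summary above

# Assumed location of the macOS client bundle; adjust if your install differs.
MACOS_PLIST = Path("/Applications/zoom.us.app/Contents/Info.plist")

_VERSION_RE = re.compile(r"^\s*(\d+)\.(\d+)\.(\d+)")


def parse_version(text: str) -> tuple:
    """Extract (major, minor, patch) from strings like '6.5.3' or '6.6.0 (40000)'."""
    m = _VERSION_RE.match(text)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(part) for part in m.groups())


def is_vulnerable(text: str) -> bool:
    """True when the installed version is older than the first fixed release."""
    return parse_version(text) < FIXED_VERSION


def naive_string_check(text: str) -> bool:
    """The wrong way: lexical comparison. Kept only to show the failure mode."""
    return text < "6.6.0"


def installed_version_macos(plist_path: Path = MACOS_PLIST):
    """Read the bundle version from Info.plist; None if the bundle is absent."""
    if not plist_path.is_file():
        return None
    with plist_path.open("rb") as fh:
        return plistlib.load(fh).get("CFBundleShortVersionString")


def report(text: str) -> str:
    """One-line verdict for a version string."""
    ver = ".".join(str(p) for p in parse_version(text))
    state = "VULNERABLE, update to 6.6.0+" if is_vulnerable(text) else "fixed"
    return f"Zoom Workplace {ver}: {state}"


if __name__ == "__main__":
    # Constructed sample strings, including a build-number suffix and a
    # two-digit minor that a lexical compare gets wrong.
    for sample in ["6.5.3", "6.6.0 (40000)", "6.10.2", "5.17.11"]:
        print(report(sample), "| naive says vulnerable:", naive_string_check(sample))
    live = installed_version_macos()
    if live:
        print("Installed:", report(live))
```

The naive check flags 6.10.2 as vulnerable because the character '1' sorts before '6'; the tuple comparison gets it right. For fleet-wide checks, feed the same parse_version() whatever your inventory tool reports rather than re-implementing the comparison per platform.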
**Official Fix**: **Yes**. Published: **2026-03-11**. The vendor has released security bulletin ZSB-26005. **Mitigation**: Update Zoom Workplace to **version 6.6.0 or later** immediately.…
**No-Patch Workaround**: If you cannot update: 1. Disable the **email feature** in Zoom Workplace if possible. 2. Do not open attachments or links from untrusted sources. 3.…
**Urgency**: **HIGH**. The CVSS vector indicates high impact. Even without a public exploit, the fact that no authentication is required makes it dangerous. **Action**: Patch immediately to version 6.6.0+.…