{"document":{"category":"csaf_vex","csaf_version":"2.0","title":"CVE-2026-53406: Insufficient Verification of Data Authenticity in Remote Control for Zoom Contact Center for Windows before version 7","publisher":{"category":"vendor","name":"HarborGuard Database","namespace":"https://database.harborguard.co"},"tracking":{"id":"CVE-2026-53406","status":"final","version":"1","initial_release_date":"2026-06-12T17:52:45.190Z","current_release_date":"2026-06-12T18:01:48.839Z","revision_history":[{"date":"2026-06-12T17:52:45.190Z","number":"1","summary":"Initial machine-readable export from HarborGuard."}]},"distribution":{"tlp":{"label":"WHITE"},"text":"Public CVE data; freely redistributable."},"notes":[{"category":"description","text":"Insufficient Verification of Data Authenticity in Remote Control for Zoom Contact Center for Windows before version 7.0.0 may allow an authenticated user to enable an escalation of privilege via local access.","title":"CVE description"}],"references":[{"category":"self","summary":"CVE-2026-53406 on HarborGuard Database","url":"https://database.harborguard.co/cve/CVE-2026-53406"},{"category":"external","summary":"CVE Record","url":"https://www.cve.org/CVERecord?id=CVE-2026-53406"},{"category":"external","summary":"zoom.com","url":"https://www.zoom.com/en/trust/security-bulletin/zsb-26009"}]},"product_tree":{"branches":[{"category":"vendor","name":"Zoom Communications","branches":[{"category":"product_name","name":"Remote Control for Zoom Contact Center","branches":[{"category":"product_version_range","name":"<7.0.0","product":{"name":"Zoom Communications Remote Control for Zoom Contact Center <7.0.0","product_id":"CSAFPID-1","product_identification_helper":{"cpe":"cpe:2.3:a:zoom_communications:remote_control_for_zoom_contact_center:*:*:*:*:*:*:*:*"}}}]}]}]},"vulnerabilities":[{"cve":"CVE-2026-53406","title":"Insufficient Verification of Data Authenticity in Remote Control for Zoom Contact Center for Windows before version 7","notes":[{"category":"description","text":"Insufficient Verification of Data Authenticity in Remote Control for Zoom Contact Center for Windows before version 7.0.0 may allow an authenticated user to enable an escalation of privilege via local access.","title":"CVE description"}],"product_status":{"known_affected":["CSAFPID-1"]},"scores":[{"cvss_v3":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH"},"products":["CSAFPID-1"]}],"remediations":[{"category":"vendor_fix","details":"Update to a fixed version: 7.0.0.","product_ids":["CSAFPID-1"]}]}]}