Critical Zoom Node Vulnerability Allows Remote Code Execution (CVE-2026-22844)

A newly disclosed critical vulnerability in Zoom Node Multimedia Routers (MMRs) allows authenticated meeting participants to execute arbitrary commands remotely. Tracked as CVE-2026-22844 with a CVSS score of 9.9, the flaw affects Zoom Node deployments running versions prior to 5.2.1716.0 and requires immediate patching.

  Cyber Security News   Jan 22, 2026   0   44  Add to Reading List
Critical Zoom Node Vulnerability Allows Remote Code Execution (CVE-2026-22844)

A critical security vulnerability has been identified in Zoom Node Multimedia Routers (MMRs) that could allow attackers to execute arbitrary system commands on affected servers.

RoxoHost Shared Hosting
RoxoHost Shared Hosting

The flaw, tracked as CVE-2026-22844, carries a CVSS severity score of 9.9, placing it among the most dangerous vulnerabilities disclosed this year. Due to its low attack complexity and network-based exploitation, organizations using Zoom Node infrastructure face an immediate and serious security risk.

Vulnerability Overview

The issue is caused by a command injection flaw in Zoom Node MMR components running versions earlier than 5.2.1716.0. It affects the following Zoom deployments:

  • Zoom Node Meetings Hybrid (ZMH)

  • Zoom Node Meeting Connector (MC)

An attacker with basic meeting participant credentials could exploit this weakness to execute arbitrary commands directly on the MMR system — potentially leading to full system compromise.

Why This Vulnerability Is Dangerous

What makes CVE-2026-22844 especially severe is its attack profile:

  • Attack Vector: Network

  • Privileges Required: Low

  • User Interaction: None

  • Impact: High on confidentiality, integrity, and availability

This means attackers could:

  • Steal sensitive data

  • Modify system configurations

  • Disrupt or completely disable Zoom services

The vulnerability’s CVSS vector confirms its critical impact across all security dimensions.

Mitigation & Fix

Zoom has officially acknowledged the issue and released a fix. Administrators are strongly advised to:

  • Immediately update Zoom Node MMR modules to version 5.2.1716.0 or later

  • Review Zoom’s official Managing Updates for Zoom Node documentation

  • Treat this update with the same urgency as a zero-day vulnerability response

The vulnerability was internally discovered by Zoom’s Offensive Security Team, highlighting the importance of proactive security testing.

Final Thoughts

Due to the ease of exploitation and critical severity rating, CVE-2026-22844 represents a substantial threat to organizations using Zoom Node deployments. Delayed patching could result in serious security incidents, including unauthorized access and service disruption.

All affected organizations should verify their Zoom Node versions immediately and apply the security update without delay.

Tags