Splunk, Zoom Patch Critical Vulnerabilities
The flaws could allow attackers to access credentials and data, take over accounts, and escalate their privileges. The post Splunk, Zoom Patch Critical Vulnerabilities appeared first on SecurityWeek .
AI Analysis
Technical Summary
Splunk released patches for three product-specific vulnerabilities: CVE-2026-20296 (command safeguards bypass, high severity), CVE-2026-20297 (path traversal, high severity), and CVE-2026-20298 (information disclosure, medium severity). These flaws could allow attackers to access credentials and data, write files outside the application directory, and view stored credential hashes. The fixes are included in Splunk Enterprise versions 10.4.1, 10.2.5, 10.0.8, and 9.4.13, which also address critical vulnerabilities in third-party components. Zoom patched four vulnerabilities in its Windows Workplace and Workplace VDI Client, including CVE-2026-53412 with a CVSS score of 9.8, a critical remote unauthenticated account takeover vulnerability, plus three high-severity issues involving a TOCTOU race condition and privilege elevation. Neither vendor reported active exploitation in the wild.
Potential Impact
Successful exploitation of the Splunk vulnerabilities could allow attackers to access sensitive credentials and data, write unauthorized files outside the application directory, and disclose stored credential hashes. The Zoom critical vulnerability could enable remote, unauthenticated attackers to take over user accounts, potentially leading to unauthorized access and privilege escalation. The other high-severity Zoom flaws could allow privilege escalation and exploitation of race conditions. No known active exploitation has been reported.
Mitigation Recommendations
Patches are available and should be applied immediately. Splunk users should upgrade to versions 10.4.1, 10.2.5, 10.0.8, or 9.4.13 to address the vulnerabilities. Zoom users should update their Workplace and Workplace VDI Clients for Windows to the latest patched versions. No mention of active exploitation or additional mitigations was provided by the vendors. Organizations should follow vendor guidance to apply these official fixes promptly.
Splunk, Zoom Patch Critical Vulnerabilities
Description
The flaws could allow attackers to access credentials and data, take over accounts, and escalate their privileges. The post Splunk, Zoom Patch Critical Vulnerabilities appeared first on SecurityWeek .
Affected software
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
Splunk released patches for three product-specific vulnerabilities: CVE-2026-20296 (command safeguards bypass, high severity), CVE-2026-20297 (path traversal, high severity), and CVE-2026-20298 (information disclosure, medium severity). These flaws could allow attackers to access credentials and data, write files outside the application directory, and view stored credential hashes. The fixes are included in Splunk Enterprise versions 10.4.1, 10.2.5, 10.0.8, and 9.4.13, which also address critical vulnerabilities in third-party components. Zoom patched four vulnerabilities in its Windows Workplace and Workplace VDI Client, including CVE-2026-53412 with a CVSS score of 9.8, a critical remote unauthenticated account takeover vulnerability, plus three high-severity issues involving a TOCTOU race condition and privilege elevation. Neither vendor reported active exploitation in the wild.
Potential Impact
Successful exploitation of the Splunk vulnerabilities could allow attackers to access sensitive credentials and data, write unauthorized files outside the application directory, and disclose stored credential hashes. The Zoom critical vulnerability could enable remote, unauthenticated attackers to take over user accounts, potentially leading to unauthorized access and privilege escalation. The other high-severity Zoom flaws could allow privilege escalation and exploitation of race conditions. No known active exploitation has been reported.
Mitigation Recommendations
Patches are available and should be applied immediately. Splunk users should upgrade to versions 10.4.1, 10.2.5, 10.0.8, or 9.4.13 to address the vulnerabilities. Zoom users should update their Workplace and Workplace VDI Clients for Windows to the latest patched versions. No mention of active exploitation or additional mitigations was provided by the vendors. Organizations should follow vendor guidance to apply these official fixes promptly.
Technical Details
- Article Source
- {"url":"https://www.securityweek.com/splunk-zoom-patch-critical-vulnerabilities/","fetched":true,"fetchedAt":"2026-07-16T11:02:32.685Z","wordCount":914}
Threat ID: 6a58ba4868715ace43e6928f
Added to database: 07/16/2026, 11:02:32 UTC
Last enriched: 07/16/2026, 11:02:44 UTC
Last updated: 07/16/2026, 19:27:23 UTC
Views: 16
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.