Splunk and Zoom Patch Severe Vulnerabilities
Splunk and Zoom have announced security updates that resolve multiple critical- and high-severity vulnerabilities across their product portfolios. Meanwhile, these patches are crucial for preventing potential attacks. However, the vulnerabilities could be exploited to execute arbitrary shell commands or elevate privileges.
Vulnerabilities in Zoom and Splunk
Zoom has addressed a critical-severity flaw in Workplace for Windows that could allow unauthenticated, remote attackers to elevate their privileges over the network. Additionally, Zoom rolled out patches for three high-severity security defects in certain Zoom Clients for Windows. For example, these defects could be exploited by local attackers to escalate their privileges.
Splunk, on the other hand, released a fresh round of Splunk Enterprise updates that resolve dozens of issues, including five that are product-specific. The most severe of these bugs is CVE-2026-20163, a high-severity flaw that could be exploited by attackers who already have high privileges on a vulnerable deployment to execute arbitrary shell commands through a REST endpoint.
Impact of the Vulnerabilities
The security defect in Splunk was addressed in Splunk Enterprise versions 10.2.0, 10.0.4, 9.4.9, and 9.3.10, which also resolve three medium-severity flaws leading to XSS attacks, credential exposure, and sensitive information disclosure. Furthermore, the updates include fixes for dozens of CVEs in third-party packages used in Splunk Enterprise, including multiple Golang dependencies.
A fourth medium-severity issue that could lead to Observability Cloud API access token leakage was resolved in Splunk Enterprise versions 10.2.1 and 10.0.4. Meanwhile, Splunk rolled out fixes for dozens of other vulnerabilities in third-party packages in Splunk AppDynamics, including multiple critical-severity flaws.
Conclusion and Recommendations
In conclusion, the vulnerabilities patched by Splunk and Zoom are severe and could be exploited to execute arbitrary shell commands or elevate privileges. Therefore, it is essential to apply the security updates as soon as possible. Additionally, users should be aware of the potential risks and take steps to prevent attacks, such as using strong passwords and keeping software up to date.
Finally, for more information on the vulnerabilities and patches, users can visit the security advisories page of Splunk and Zoom. Moreover, users can take additional steps to secure their systems, such as implementing firewalls and intrusion detection systems.
Frequently Asked Questions
- What are the vulnerabilities patched by Splunk and Zoom? The vulnerabilities include critical- and high-severity flaws that could be exploited to execute arbitrary shell commands or elevate privileges.
- How can users prevent attacks? Users can prevent attacks by applying the security updates, using strong passwords, and keeping software up to date.
- What are the potential risks of the vulnerabilities? The potential risks include the execution of arbitrary shell commands, elevation of privileges, and sensitive information disclosure.
- Where can users find more information on the vulnerabilities and patches? Users can find more information on the security advisories page of Splunk and Zoom.
- What are the recommendations for users? The recommendations include applying the security updates, using strong passwords, and keeping software up to date.








