The Indian Computer Emergency Response Team (CERT-In) has issued an official security alert on 2 February 2026. This alert is specifically for larger organizations and businesses that use the enterprise version of Zoom on their internal networks. According to security experts, there is a flaw in Zoom’s infrastructure that opens the way to penetrate the security layers.
What is Command Injection Vulnerability?
According to CERT-In, an OS command injection flaw has been found in Zoom’s Node Multimedia Router (MMR). By taking advantage of this weakness, hackers can bypass Zoom’s security layers and attack the target system.
Also read: mAadhaar App: How to update number and address in the new Aadhaar app? Understand the entire process in easy steps
How dangerous is this risk?
The agency says that by successfully exploiting this vulnerability, attackers can damage the integrity of the system. Can gain elevated privileges and cause a Denial of Service (DoS) condition on the target network. This risk is especially high for organizations that use Zoom node deployments on their internal networks.
Which Zoom modules are affected?
These security lapses mainly affect institutions using Zoom node setup. If your organization is using Zoom Node Meeting Hybrid (ZMH) MMR module version earlier than 5.2.1716.0 and Zoom Node Meeting Connector (MC) MMR module version earlier than 5.2.1716.0, you may be at risk.
Also read: OpenAI can bring ‘human-only’ social network: Face ID will help in identification, X and Instagram will get tough competition
What to do for protection?
Zoom has acknowledged this problem and released patches. Both the company and the Indian government have urged IT administrators to update their MMR (Multimedia Router) modules to the latest secure version without delay. Although this is not a matter of direct concern for ordinary mobile app users, it is very sensitive in terms of corporate network security.
