Using Zoom For Video Calls? Indian Government Issues High Risk Hacking Warning

The Indian government has issued a fresh high-risk security warning for Zoom users. The alert comes from the Indian Computer Emergency Response Team (CERT-In), which flagged a critical vulnerability on February 2, 2026. According to the advisory, hackers can use this security flaw to send harmful commands to a device from far away. If the device is affected, the attacker could completely take control of it just like the real owner."The flaw could allow a remote attacker to run malicious commands on affected systems, potentially taking full control," the cybersecurity agency said. The core of the problem lies in the Zoom Node Multimedia Router (MMR), which handles audio and video traffic in large or hybrid meeting setups. CERT-In said the vulnerability impacts

Zoom Node Meetings, Hybrid and Zoom Node Meeting Connector modules running on versions older than 5.2.1716.0. If an organisation is still on these versions, it is exposed.Zoom’s own security bulletin paints an even grimmer picture. The US-based video conferencing application has rated the flaw as 'Critical; with a CVSS score of 9.9 out of 10, which places it among the most dangerous categories of software vulnerabilities. Tracked as CVE-2026-22844, the issue could allow a meeting participant to execute arbitrary code on the server through network access.In simple terms, someone inside a meeting could exploit this weakness to compromise the entire backend system. That could mean data theft, ransomware installation, service disruption, or worse all while a meeting appears to be running normally.CERT-In has warned that the potential impact includes full system compromise. For organisations that rely on Zoom for internal communication, hybrid meetings or sensitive discussions, this turns into a serious operational risk.For everyday users joining calls from their laptops, the vulnerability does not directly target personal devices. However, the responsibility shifts to IT teams and system administrators. If your company runs Zoom’s hybrid or connector infrastructure, updating is no longer optional.CERT-In and Zoom have both urged administrators to patch affected systems immediately by upgrading to version 5.2.1716.0 or later. The fix is already available and delaying it only increases the risk of exploitation.If you are not sure whether your organisation uses these Zoom components, it may be worth flagging the advisory to your IT team. In cybersecurity, silence and delay are often what attackers count on.