Multiple vulnerabilities in the Cisco Webex Network Recording Player and Cisco Webex Player could allow an unauthenticated, remote attacker to execute arbitrary code on the system of a targeted user.
Apr 03, 2020 · For industries with stringent data privacy and security requirements, platforms like Webex or Microsoft Teams may be a better fit, but every company, platform, and technology has its own set of Mar 05, 2020 · Cisco Systems has patched two high-severity vulnerabilities in its popular Webex video conferencing platform, which if exploited could allow an attacker to execute code on affected systems. Two Nov 09, 2014 · Multiple buffer overflow vulnerabilities exist in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players. In some cases, exploitation of the vulnerabilities could allow a remote attacker to execute arbitrary code on the system of a targeted user. Oct 01, 2019 · Researchers have discovered a vulnerability in the Zoom and Cisco Webex conference platforms that could let an attacker scan for and drop into video meetings unprotected with a password. The
Core Security researchers Federico Muttis, Sebastian Tello and Manuel Muradas teamed to discover two separate vulnerabilities, each affecting a separate Cisco WebEx application.
Jan 27, 2020 · As vulnerabilities go, it could be worse. Having said that, unauthorised attendance at an online meeting could have consequences, such as employees learning management secrets, industrial espionage, insider trading, or worse. Cisco also released a batch of security updates earlier this month – including one for Webex Video Mesh. ® 2010-10-04: Core Security Technologies contacts Cisco PSIRT using their provided PGP key notifying them of the vulnerabilities and sending an advisory draft, a proof of concept for the WebEx Player vulnerability, and a proof of concept for the Meeting Center vulnerability including details of how to reproduce both vulnerabilities, and details Jun 23, 2020 · According to Cisco’s security alert, the Mac desktop version of Webex is open to a remote injection attack from an unauthenticated, remote attacker due to a bug classified as CVE-2020-3342. CVE-2020-3342 is rated as an 8.8 on the Common Vulnerability Scoring System, which gives it a “high” threat distinction.
The vulnerability exists due to insufficient validation of certain elements with a Webex recording stored in either the Advanced Recording Format (ARF) or the Webex Recording Format (WRF). An attacker could exploit this vulnerability by sending a user a malicious ARF or WRF file through a link or email attachment and persuading the user to open
Oct 01, 2019 · Researchers have discovered a vulnerability in the Zoom and Cisco Webex conference platforms that could let an attacker scan for and drop into video meetings unprotected with a password. The Cisco Webex vulnerability allows hackers to take control of your network Vulnerability testing specialists report the presence of a critical security flaw in some Cisco products, including Webex, the popular video conferencing platform. If exploited, the vulnerability could allow a remote hacker to execute commands on the target system. Jan 27, 2020 · A vulnerability in Cisco’s Webex video conferencing platform is one a number of security issues that the company has resolved in recent weeks.