Security News > 2018 > April > Cisco plugs critical hole in WebEx, users urged to upgrade ASAP
2018-04-19 12:11
Cisco has fixed a critical vulnerability in its WebEx videoconferencing software that could be exploited to compromise meeting attendees’ systems by simply opening a booby-trapped Flash file shared in a meeting. About the vulnerability (CVE-2018-0112) The flaw is due to insufficient input validation by the Cisco WebEx clients, and affects Cisco WebEx Business Suite clients, Cisco WebEx Meetings, and Cisco WebEx Meetings Server. (The Cisco WebEx Business Suite (WBS) meeting services and Cisco WebEx Meetings … More → The post Cisco plugs critical hole in WebEx, users urged to upgrade ASAP appeared first on Help Net Security.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/9mf5QMMhLj8/
Related news
- CISA Warns of Critical Fortinet Flaw as Palo Alto and Cisco Issue Urgent Security Patches (source)
- Cisco Releases Patch for Critical URWB Vulnerability in Industrial Wireless Systems (source)
- Critical vulnerability in Cisco industrial wireless access points fixed (CVE-2024-20418) (source)
- Cisco scores a perfect CVSS 10 with critical flaw in its wireless system (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-04-19 | CVE-2018-0112 | Improper Input Validation vulnerability in Cisco products A vulnerability in Cisco WebEx Business Suite clients, Cisco WebEx Meetings, and Cisco WebEx Meetings Server could allow an authenticated, remote attacker to execute arbitrary code on a targeted system. | 9.0 |