Security News > 2018 > April > Cisco plugs critical hole in WebEx, users urged to upgrade ASAP

Cisco plugs critical hole in WebEx, users urged to upgrade ASAP
2018-04-19 12:11

Cisco has fixed a critical vulnerability in its WebEx videoconferencing software that could be exploited to compromise meeting attendees’ systems by simply opening a booby-trapped Flash file shared in a meeting. About the vulnerability (CVE-2018-0112) The flaw is due to insufficient input validation by the Cisco WebEx clients, and affects Cisco WebEx Business Suite clients, Cisco WebEx Meetings, and Cisco WebEx Meetings Server. (The Cisco WebEx Business Suite (WBS) meeting services and Cisco WebEx Meetings … More → The post Cisco plugs critical hole in WebEx, users urged to upgrade ASAP appeared first on Help Net Security.


News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/9mf5QMMhLj8/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2018-04-19 CVE-2018-0112 Improper Input Validation vulnerability in Cisco products
A vulnerability in Cisco WebEx Business Suite clients, Cisco WebEx Meetings, and Cisco WebEx Meetings Server could allow an authenticated, remote attacker to execute arbitrary code on a targeted system.
network
low complexity
cisco CWE-20
critical
9.0

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Cisco 2046 21 1771 1669 288 3749