Security News > 2020 > March > High-Severity Cisco Webex Flaws Fixed

High-Severity Cisco Webex Flaws Fixed
2020-03-05 15:11

Cisco Webex Player is also affected, which used to play back Webex Recording Format files on the Windows OS. WRF files contain audio and video recordings, typically used for demonstrations, training and conferencing.

While Cisco did not detail the technicalities of the vulnerabilities, it said that "An attacker could exploit these vulnerabilities by sending a malicious ARF or WRF file to a user through a link or email attachment and persuading the user to open the file on the local system," according to Cisco in a Wednesday advisory.

To determine which release of Cisco Webex Network Recording Player or Cisco Webex Player is installed on a system, users can open the player and choose Help > About.

In January, Cisco fixed a high-severity vulnerability in Webex that could have let strangers barge in on password-protected meetings sans authentication.

The certificate validation vulnerability could allow an unauthenticated, remote attacker to view or alter information shared on Cisco Webex video devices and Cisco collaboration endpoints.


News URL

https://threatpost.com/high-severity-cisco-webex-flaws-fixed/153462/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Cisco 2046 21 1771 1669 288 3749