Used Cisco Webex recently? Memory vuln could have let remote attackers snoop on your meetings and files
2020-06-18 16:45

Cisco Webex suffered from a vuln that could have allowed an attacker to access any account by simply copy-pasting a unique session token into a browser string.

Once the token was extracted from the dump file, researchers were able to make a crafted HTTP POST request to Webex's servers, mimicking a genuine connection attempt, which returned a one-time login ticket for live meetings.

Mador continued: "Using the leaked information I was able to access my own account from another machine with a different IP address. It allowed me to see all meetings along with invited parties and meeting password, download past meeting recordings and so on."

Immediately before the March shutdown of the western world's economies, Cisco 'fessed up to a vuln that let anyone join a password-protected meeting, while in March it issued patches for a remote code execution vuln that allowed an attacker to run code contained in a suitably crafted video file using one of two Webex-specific file formats.

In April, a US judge humiliated Switchzilla by refusing its pleas to use Webex for the remote hearing of a patent trial, instead ordering it onto arch-rival Zoom's platform.


News URL

https://go.theregister.com/feed/www.theregister.com/2020/06/18/cisco_webex/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Cisco 4429 231 3030 1806 600 5667