Security News > 2020 > September > Cisco patches critical, wormable RCE flaw in Cisco Jabber
Cisco has patched four vulnerabilities in its Jabber client for Windows, the most critical of which could allow attackers to achieve remote code execution by sending specially crafted chat messages.
Cisco Jabber is a video conferencing and instant messaging application that's often used within enterprises for internal communication and collaboration.
"To exploit this vulnerability, an attacker must be able to send XMPP messages to end-user systems running Cisco Jabber for Windows. Attackers may require access to the same XMPP domain or another method of access to be able to send messages to clients," Cisco explained.
"As a result of exploitation, an attacker could cause the application to run an arbitrary executable that already exists within the local file path of the application. The executable would run on the end-user system with the privileges of the user who initiated the Cisco Jabber client application."
Watchcom researchers have provided more technical details about the flaw, and pointed out that since the Cisco Jabber supports file transfers, an attacker can initiate a file transfer containing a malicious.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/oknOD-oukxc/
Related news
- Cisco warns of critical RCE zero-days in end of life IP phones (source)
- CISA warns critical Geoserver GeoTools RCE flaw is exploited in attacks (source)
- Cisco Warns of Critical Flaw Affecting On-Prem Smart Software Manager (source)
- Cisco fixes critical flaws in Secure Email Gateway and SSM On-Prem (CVE-2024-20401, CVE-2024-20419) (source)
- Critical Cisco bug lets hackers add root users on SEG devices (source)
- Progress warns of critical RCE bug in Telerik Report Server (source)
- Critical ServiceNow RCE flaws actively exploited to steal credentials (source)
- Progress fixes critical RCE flaw in Telerik Report Server, upgrade ASAP! (CVE-2024-6327) (source)
- Critical Apache OFBiz pre-auth RCE flaw fixed, update ASAP! (CVE-2024-38856) (source)
- Critical Progress WhatsUp RCE flaw now under active exploitation (source)