Security News > 2020 > December > The patch that wasn't: Cisco emits fresh fixes for NTLM hash-spilling vuln and XSS-RCE combo in Jabber app
A previous patch for Cisco's Jabber chat product did not in fact fix four vulnerabilities - including one remote code execution flaw that would allow malicious people to hijack targeted devices by sending a carefully crafted message.
Watchcom added: "The patch released in September only patched the specific injection points that Watchcom had identified. The underlying issue was not addressed. We were therefore able to find new injection points that could be used to exploit the vulnerabilities."
The NTLM password hash can be collected, Watchcom added, by "Sending a message that contains a malicious tag, an attacker can force the victim's Cisco Jabber client to interact with a file share the attacker controls."
"Following the release of software fixes on September 2, Cisco and a security researcher independently discovered additional, distinct vulnerabilities through testing. We followed our well-established security vulnerability process to address and disclose these vulnerabilities on December 10. Cisco maintains a very open relationship with the security community, and we view this as vital to helping protect our customers' networks. We thank the security researchers at Watchcom for reporting the vulnerabilities they discovered."
Admins whose orgs use Cisco Jabber should install the latest patches from Cisco, which are available here.
News URL
Related news
- Synology Urges Patch for Critical Zero-Click RCE Flaw Affecting Millions of NAS Devices (source)
- Cisco Releases Patch for Critical URWB Vulnerability in Industrial Wireless Systems (source)
- Critical 9.8-rated VMware vCenter RCE bug exploited after patch fumble (source)
- Exploit released for critical WhatsUp Gold RCE flaw, patch now (source)
- Veeam Issues Patch for Critical RCE Vulnerability in Service Provider Console (source)
- New Windows zero-day exposes NTLM credentials, gets unofficial patch (source)