Cisco releases fix for privilege escalation bug in Webex Meetings app
Cisco has released a security update for Webex Meetings which resolves an exploitable vulnerability leading to privilege escalation.
Security
The security flaw, CVE-2018-15442, exists in the Cisco Webex Meetings Desktop App for Windows and "could allow an authenticated, local attacker to execute arbitrary commands as a privileged user."
A failure to sufficiently validate user-supplied parameters in the app has caused the problem, which can be exploited by a threat actor who invokes the update service command with a crafted argument.
This could force the system to run arbitrary commands with system user privileges.
See also: Meet the malware which turns your smartphone into a mobile proxy
According to Cisco's security advisory, all Cisco Webex Meetings Desktop App releases prior to 33.6.0, and Cisco Webex Productivity Tools Releases 32.6.0 and later prior to 33.0.5 on the Microsoft Windows operating system are affected.
TechRepublic: Pennsylvania elections bring back paper ballots to improve security and auditability
There are no workarounds and so to protect systems against this vulnerability, deemed "important," admins should apply Cisco's fix or allow automatic updates to take place.
The Webex Meetings alert was issued at the same time as an advisory for a critical vulnerability, a recently-disclosed libssh bug, which impacts vendors which use the library.
CVE-2018-10933, which was disclosed last week, is an authentication bypass bug which permits unauthorized, remote attackers to gain access to a targeted system.
It is known that vendors including F5 and Red hat have also been affected by the vulnerability, which is considered "trivial" to exploit. Now, Cisco has confirmed the security flaw also impacts its products.
CNET: Cathay Pacific breach leaks personal data on 9.4 million people
Earlier this month, Cisco resolved two severe vulnerabilities in the tech giant's Digital Network Architecture (DNA) Center software. If exploited, the flaws could permit remote attackers to take control of identity management functions, as well as access core management functions.