New reports of Critical Cisco WebEx RCE vulnerability exploits

Cisco WebEx RCE vulnerability

Cisco released a new security update warning users of ongoing, limited exploitation of a critical WebEx vulnerability that impacts multiple Cisco products.

The original advisory was released in January of 2017, which includes software updates to address a WebEx Browser Extension Remote Code Execution Vulnerability CVE-2017-3823 that impacts multiple products.

The Cisco Product Security Incident Response Team (PSIRT) released the latest update to the advisory on Thursday and provided a summary of the WebEx RCE vulnerability:

“The vulnerability is due to a design defect in an application programming interface (API) response parser within the plugin. An attacker that can convince an affected user to visit an attacker-controlled web page or follow an attacker-supplied link with an affected browser could exploit the vulnerability. If successful, the attacker could execute arbitrary code with the privileges of the affected browser.”

The vulnerability impacts the browser extensions for Cisco WebEx Meetings Server and Cisco WebEx Centers (Meeting Center, Event Center, Training Center, and Support Center) when running on Microsoft Windows OS.

Cisco also released on Thursday security updates for three High severity vulnerabilities that impact Cisco Small Business RV320 and RV325 Routers (CVE-2019-1652 and CVE-2019-1653), as well as IOS XE Software (CVE-2019-1742).

This comes after Cisco previously released additional security updates to address 17 High risk and six Medium severity bugs that impact multiple Cisco products, to include Cisco IOS and IOS XE Software.