Cisco has patched a set of severe vulnerabilities which could lead to remote code execution in the Cisco Webex Network Recording Player for Advanced Recording Format (ARF).
The flaws could be weaponized by hackers to hijack vulnerable software and cause unimaginable damage to victim devices.
The security flaws are CVE-2018-15414, CVE-2018-15421, and CVE-2018-15422.
According to the cybersecurity researchers, the flaws could lead to “an unauthenticated, remote attacker to execute arbitrary code on a targeted system.”
The Cisco Webex Network Recording Player for Advanced Recording Format (ARF), is available for Windows, Mac, and Linux devices; it is used for recording meetings taking place in the Cisco Webex Meetings Suite sites, Cisco Webex Meetings Online sites, and Cisco Webex Meetings Server.
The following Cisco software is affected:
• Cisco Webex Meetings Suite (WBS32): Webex Network Recording Player versions prior to WBS32.15.10;
• Cisco Webex Meetings Suite (WBS33): Webex Network Recording Player versions prior to WBS33.3;
• Cisco Webex Meetings Online: Webex Network Recording Player versions prior to 1.3.37;
• Cisco Webex Meetings Server: Webex Network Recording Player versions prior to 3.0MR2.
This means that each operating system is vulnerable to at least one of the security flaws.
Remember everything can be hacked. In order to stay away from any threats related to the cyber world, we recommend the install of antivirus for Windows or antivirus for Mac on every device that you own, depending on which OS your device is running. If you are a company, it is also recommended to hire every year a specialized cybersecurity company that will run annual tests on your company’s network. These tests include penetration testing and ethical hacking tests;
The vulnerabilities exist due to the improper invalidation of Webex recording files. If a victim opens an infected crafted file in the Cisco Webex Player (that is usually sent over email as part of a spear phishing campaign) the flaws are exploited.
You cannot evade these vulnerabilities. However, Cisco has developed patches to automatically update vulnerable software.
We recommended that users accept these updates as quickly as possible.
For now, researchers are not aware of any reports of any active exploits in the wild.
We will continue to monitor this cyber problem. Meanwhile, users should keep a keen eye out for any cyber attacks. Remember to use an antivirus for Windows or antivirus for Mac in every device that you own, depending on which OS your machine is running, If you are a company we recommend to hire every year a specialized cybersecurity company that will run annual tests on your company’s network, tests like this include: penetration testing and ethical hacking.