Cisco releases a second fix for the flaw affecting Webex Meetings

This week Cisco has released a second new fix for a serious Webex vulnerability, who was first discovered one month ago.
The flaw known as WebExec has the following identification code CVE-2018-15442. It affects releases up to version 33.6.4 of the Cisco Webex Meetings desktop app, and Webex Productivity Tools releases 32.6.0 and later, prior to 33.0.6.

This big cybersecurity flaw happens because insufficient validation of user-supplied parameters allows a local and authenticated hacker to execute arbitrary commands with highest privileges.
However, researchers warned that a remote exploitation of this flaw may also be possible in Active Directory deployments.

Remember everything can be hacked. In order to stay away from any threats related to the cyber world, we recommend the install of antivirus for Windows or antivirus for Mac on every device that you own, depending on which OS your device is running. If you are a company, it is also recommended to hire every year a specialized cybersecurity company that will run annual tests on your company’s network. These tests include penetration testing and ethical hacking tests;

At that time, researchers also discovered that Cisco’s 1st fix was incomplete because it can be bypassed using a technique known as DLL hijacking. Meaning that the vulnerability can be exploited by copying to a local hacker controller folder, the ptUpdate.exe binary. Then, a malicious DLL must be placed in the same folder, named wbxtrace.dll. After all these steps are done, the hacker must start the service with the command line: sc start webexservice install software-update 1 ‘attacker-controlled-path’.
Cisco was notified about this hole in the patch and the networking giant quickly confirmed the findings.

Soon Cisco said: “After an additional attack method was reported to Cisco, the previous fix for this vulnerability was determined to be insufficient. A new fix was developed, and the advisory was updated on November 27, 2018, to reflect which software releases include the complete fix,”
Then Cisco released a new set of patches and updates for the incomplete patch.

Keep in mind that our modern society is dependent on computers, mobile devices, and the use of the internet always stay safe and secured.
We would continue to monitor the cybersecurity world. Meanwhile, users should keep a keen eye out for any cyber attacks. Remember to use an antivirus for Windows or antivirus for Mac in every device that you own, depending on which OS your machine is running, If you are a company we recommend to hire every year a specialized cybersecurity company that will run annual tests on your company’s network, tests like this include: penetration testing and ethical hacking.