Cisco has fixed serious remote code execution vulnerabilities in the Cisco Webex Network Recording Player for Advanced Recording Format (ARF).
The security vulnerabilities, CVE-2018-15414, CVE-2018-15421, and CVE-2018-15422, received a base score of 7.8.
According to the Cisco Product Security Incident Response Team (PSIRT), the flaws can lead to "unauthenticated remote attackers executing arbitrary code on the target system".
The Cisco Webex Network Recording Player for Advanced Recording Format (ARF), available on Windows, Mac, and Linux computers, is a component for recording meetings on Cisco Webex Meetings Suite sites, Cisco Webex Meetings Online sites, and Cisco Webex Meetings Server.
In the security advisory released this week, Cisco says that the following software is affected:
- Cisco Webex Meetings Suite (WBS 32): Webex Network Recording Player versions prior to WBS 32.15.10.
- Cisco Webex Meetings Suite (WBS 33): Webex Network Recording Player versions prior to WBS 33.3.
- Cisco Webex Meetings Online: Webex Network Recording Player versions prior to 1.3.37.
- Cisco Webex Meetings Server: Webex Network Recording Player versions prior to 3.0MR2.
According to Cisco, the player on every operating system is affected by at least one of the vulnerabilities.
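For triaging an asset inventory against the version list above, the following added example (not code from Cisco or from the original article) classifies installed player versions. The product labels `suite`, `online` and `server`, the host names, and the assumption that inventory tools report versions in the same form the list uses are all hypothetical.

```python
import re

# Fixed releases from the list above. Suite thresholds are per WBS train;
# "3.0MR2" is stored as (3, 0, 2) = major, minor, maintenance release.
SUITE_FIXED = {32: (32, 15, 10), 33: (33, 3)}
FIXED = {"online": (1, 3, 37), "server": (3, 0, 2)}

def parse_version(text):
    """Parse 'WBS 32.15.10', 'WBS33.3', '1.3.37' or '3.0MR2' into an int tuple."""
    m = re.fullmatch(r"(?:WBS)?\s*(\d+(?:\.\d+)*)\s*(?:MR\s*(\d+))?",
                     text.strip(), flags=re.IGNORECASE)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    parts = [int(p) for p in m.group(1).split(".")]
    if m.group(2) is not None:
        # Assumption: MR always follows a major.minor pair, as in "3.0MR2".
        parts = (parts + [0, 0])[:2] + [int(m.group(2))]
    return tuple(parts)

def older_than(installed, fixed):
    """Compare after zero-padding so 33.3 and 33.3.0 are treated as equal."""
    width = max(len(installed), len(fixed))
    a = installed + (0,) * (width - len(installed))
    b = fixed + (0,) * (width - len(fixed))
    return a < b

def triage(product, version):
    """Return 'vulnerable', 'fixed' or 'not-listed' for one player install."""
    installed = parse_version(version)
    if product == "suite":
        fixed = SUITE_FIXED.get(installed[0])  # pick the WBS train
    else:
        fixed = FIXED.get(product)
    if fixed is None:
        return "not-listed"  # train or product the list above does not cover
    return "vulnerable" if older_than(installed, fixed) else "fixed"

# Constructed inventory rows (host, product, player version) for illustration.
INVENTORY = [
    ("ws-014", "suite", "WBS 32.15.9"), ("ws-022", "suite", "WBS33.3"),
    ("ws-031", "online", "1.3.36"), ("srv-02", "server", "3.0MR1"),
    ("srv-05", "server", "3.0MR2"), ("ws-040", "suite", "WBS31.20"),
]

def report(rows=INVENTORY):
    return [(host, triage(product, version)) for host, product, version in rows]

if __name__ == "__main__":
    for host, status in report():
        print(f"{host}: {status}")
```

Hosts reported as `not-listed` run a train the list does not mention and need a manual check against the vendor advisory.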
The vulnerabilities are due to improper validation of Webex recording files. If a victim opens a crafted malicious file (possibly sent by e-mail as part of a spear-phishing campaign) with the Cisco Webex player, the bug is triggered and can be exploited.
There are no workarounds for these vulnerabilities. However, Cisco has developed a patch to automatically update vulnerable software.
Users should accept these updates as soon as possible. Some versions of Cisco Webex Meetings may be at the end of their support cycle and will not receive these updates. In such cases, users need to contact the company directly.
Alternatively, the ARF component is an add-on that can easily be uninstalled manually. A removal tool is available.
Cisco is not aware of any reports of active exploitation.
Source Incite and Ziad's Steven Seeley …