Remote code execution vulnerabilities found in the Cisco Webex Network Recording Player could allow an attacker to gain control of the target system.
Multiple vulnerabilities found in the Cisco Webex Network Recording Player for Advanced Recording Format (ARF) could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system. According to the Cisco Security Advisory:
The vulnerabilities are due to improper validation of Webex recording files. An attacker could exploit these vulnerabilities by sending the user a malicious link or email attachment and using social engineering techniques to persuade the user to open the file in the Cisco Webex Player. A successful exploit could allow the attacker to execute arbitrary code on an affected system.
Cisco Webex
Cisco Webex Meeting services can be configured to allow recording of a meeting that is stored online and can be downloaded by a user in ARF format. These services can also record meetings directly on local computers in WRF format. The Cisco Webex Network Recording Player plays .arf files and the Cisco Webex Player plays .wrf files.
The Network Recording Player can be installed automatically when a user accesses a recording file that is hosted on a Cisco Webex Meetings Suite site (for streaming playback mode). The Cisco Webex Network Recording Player can also be installed manually. The Cisco Webex Player can only be manually installed from the Webex site.
Vulnerable Products
These vulnerabilities affect ARF recording players available from Cisco Webex Meetings Suite sites, Cisco Webex Meetings Online sites, and Cisco Webex Meetings Server. The following versions of ARF recording players are affected:
- Cisco Webex Meetings Suite (WBS32) – Webex Network Recording Player versions prior to WBS32.15.10
- Cisco Webex Meetings Suite (WBS33) – Webex Network Recording Player versions prior to WBS33.3
- Cisco Webex Meetings Online – Webex Network Recording Player versions prior to 1.3.37
- Cisco Webex Meetings Server – Webex Network Recording Player versions prior to 3.0MR2
Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.
Fixed Releases
The following versions of the Cisco Webex Network Recording Player available from the Cisco Webex Meetings Suite sites (WBS32, WBS33), Cisco Webex Meetings Online site, and Cisco Webex Meetings Server address all the vulnerabilities described in this advisory:
- Cisco Webex Meetings Suite (WBS32) – Cisco Webex Network Recording Player versions WBS32.15.10 and later.
- Cisco Webex Meetings Suite (WBS33) – Cisco Webex Network Recording Player versions WBS33.3 and later.
- Cisco Webex Meetings Online – Webex Network Recording Player versions 1.3.37 and later.
- Cisco Webex Meetings Server – Webex Network Recording Player versions 3.0MR2 and later.
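
The following is an added example (not from Cisco or the original page) that checks installed Network Recording Player versions against the fixed releases listed above and flags hosts that still need the update. The product labels, the inventory rows and the ordering of maintenance releases (base release, then MR1, then MR2) are assumptions.

```python
import re

# Fixed releases copied from the advisory text above. The dictionary keys are
# labels chosen for this example, not official product identifiers.
FIXED = {
    "WBS32": "WBS32.15.10", "WBS33": "WBS33.3",
    "Meetings Online": "1.3.37", "Meetings Server": "3.0MR2",
}

def parse_version(text):
    """Parse 'WBS32.15.10', '1.3.37' or '3.0MR2' into a comparable tuple."""
    s = text.strip().upper()
    if s.startswith("WBS"):
        s = s[3:]
    m = re.fullmatch(r"(\d+(?:\.\d+)*)(?:MR(\d+))?", s)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    nums = [int(p) for p in m.group(1).split(".")]
    nums += [0] * (4 - len(nums))          # pad so 33.3 compares equal to 33.3.0
    # Assumption: a maintenance release (MRn) sorts after the base release.
    return tuple(nums), int(m.group(2) or 0)

def is_vulnerable(product, version):
    """True when version is earlier than the fixed release for product."""
    fixed = parse_version(FIXED[product])
    found = parse_version(version)
    if product.startswith("WBS") and found[0][0] != fixed[0][0]:
        raise ValueError(f"{version!r} is not a {product} release")
    return found < fixed

def triage(inventory):
    """Split (host, product, version) rows into patch / ok / review lists."""
    result = {"patch": [], "ok": [], "review": []}
    for host, product, version in inventory:
        try:
            bucket = "patch" if is_vulnerable(product, version) else "ok"
        except (KeyError, ValueError):
            bucket = "review"              # never treat an unknown version as safe
        result[bucket].append(host)
    return result

# Constructed inventory rows for illustration only.
SAMPLE = [
    ("pc-01", "WBS32", "WBS32.15.5"),
    ("pc-02", "WBS33", "WBS33.3"),
    ("pc-03", "Meetings Server", "3.0MR1"),
    ("pc-04", "Meetings Online", "1.3.37"),
    ("pc-05", "WBS33", "unknown"),
]
```

Calling `triage(SAMPLE)` sorts the constructed hosts into those needing the update, those already on a fixed release, and those whose version string needs manual review.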
You can use third-party software to protect Cisco Webex utilities.