CVE-2021-1372 Cisco Webex Meetings Desktop App and Webex Productivity Tools for Windows Shared Memory Information Disclosure Vulnerability

A vulnerability in Cisco Webex Meetings Desktop App and Webex Productivity Tools for Windows could allow an authenticated, local attacker to gain access to sensitive information on an affected system. This vulnerability is due to the unsafe usage of shared memory by the affected software. An...

Cisco Zero-Day in AnyConnect Secure Mobility Client Remains Unpatched

Cisco has disclosed a zero-day vulnerability – for which there is not yet a patch – in the Windows, macOS and Linux versions of its AnyConnect Secure Mobility Client Software. While Cisco said it is not aware of any exploits in the wild for the vulnerability, it said Proof-of-Concept PoC exploit...

Vulnerability fixed in Cisco Webex Meetings

A vulnerability has been fixed in the Cisco Webex Meetings Desktop App for Windows. The vulnerability allows a malicious party to to overwrite files on the end user's system. Cisco has released updates to fix the vulnerability. More information can be found on the page below:...

Cisco Webex Meetings Desktop App Input Validation Error Vulnerability (CNVD-2020-45577)

Cisco Webex Meetings Desktop App is a video conferencing control application for use in desktop environments from Cisco USA. An input validation error vulnerability exists in the user interface of the Cisco Webex Meetings Desktop App versions prior to 39.5.24, 40.4.6, and 40.6, which arises from...

The vulnerability of the software update service for Cisco Webex Meetings Desktop App allows a perpetrator to execute arbitrary code.

The vulnerability of the software update service for the Cisco Webex Meetings Desktop App is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

Input validation

A vulnerability in Cisco Webex Meetings Desktop App could allow an unauthenticated, remote attacker to execute programs on an affected end-user system. The vulnerability is due to improper validation of input that is supplied to application URLs. The attacker could exploit this vulnerability by...

Memory corruption

A vulnerability in Cisco Webex Meetings Desktop App for Windows could allow an authenticated, local attacker to gain access to sensitive information on an affected system. The vulnerability is due to unsafe usage of shared memory that is used by the affected software. An attacker with permissions...

CVE-2020-3263 Cisco Webex Meetings Desktop App URL Filtering Arbitrary Program Execution Vulnerability

A vulnerability in Cisco Webex Meetings Desktop App could allow an unauthenticated, remote attacker to execute programs on an affected end-user system. The vulnerability is due to improper validation of input that is supplied to application URLs. The attacker could exploit this vulnerability by...

The vulnerability of the software update service for Cisco Webex Meetings Desktop App and Webex Productivity Tools allows a perpetrator to execute arbitrary commands.

The vulnerability of the software update service for Cisco Webex Meetings Desktop App and Webex Productivity Tools exists due to the lack of measures taken to neutralize special commands used in the operating system’s command line. Exploiting this vulnerability allows an attacker to execute...

CVE-2019-1674

A vulnerability in the update service of Cisco Webex Meetings Desktop App and Cisco Webex Productivity Tools for Windows could allow an authenticated, local attacker to execute arbitrary commands as a privileged user. The vulnerability is due to insufficient validation of user-supplied parameters...

CVE-2018-15442

A vulnerability in the update service of Cisco Webex Meetings Desktop App for Windows could allow an authenticated, local attacker to execute arbitrary commands as a privileged user. The vulnerability is due to insufficient validation of user-supplied parameters. An attacker could exploit this...

CVE-2018-15442 Cisco Webex Meetings Desktop App Update Service Command Injection Vulnerability

A vulnerability in the update service of Cisco Webex Meetings Desktop App for Windows could allow an authenticated, local attacker to execute arbitrary commands as a privileged user. The vulnerability is due to insufficient validation of user-supplied parameters. An attacker could exploit this...