Steven Seeley (mr_me) of Source InciteSRC-2018-0034SRC-2018-0034 : Cisco Webex Meetings Desktop App Update Service DLL Planting Elevation of Privilege Vulnerability
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
95.2%
Vulnerability Details:
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Webex Meetings Desktop App. An attacker must first obtain the ability to execute low-privileged code on the target system or have valid credentials in order to exploit this vulnerability.
The specific flaw exists when parsing user supplied paths to the update service. The issue results from the lack of validating the supplied path prior to executing signed binaries. An attacker can leverage this vulnerability to execute code in the context of SYSTEM.
Affected Vendors:
Cisco
Affected Products:
Webex Meetings Desktop App
Vendor Response:
Cisco has issued an update to correct these vulnerabilities. More details can be found at:
<https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181024-webex-injection>
Related
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
95.2%