Cisco Patches Network Recording Player Remote Code Execution Vulnerabilities

[Bot]

Cisco released patches for multiple cross-platform vulnerabilities affecting the company's Webex Network Recording Player which would allow remote unauthenticated attackers to gain control of target systems.

The vulnerabilities have been found to affect the ARF recording players installed on Cisco Webex Meetings Online sites (up to 1.3.37), Cisco Webex Meetings Suite sites (up to WBS32.15.10/WBS33.3), and Cisco Webex Meetings Server (up to 3.0MR2).

According to Cisco's advisory, the vulnerabilities found to affect the Cisco Webex Network Recording Player for Advanced Recording Format (ARF) are due to improper validation of Webex recording files.

The vulnerabilities can be exploited by threat actors via hyperlinks and e-mail attachments leading to or containing a maliciously crafted file which would give the attackers control of the system once played using t... (read more)

Read more: Cisco Patches Network Recording Player Remote Code Execution Vulnerabilities