WebEx is widely deployed, and is used for audio and web conferencing along with broadcast applications like webinars and corporate C-suite speeches. Cisco said in an advisory that attackers can take advantage of this large attack surface via social engineering and spam campaigns, with the aim of convincing users to open a malicious ARF file.
Given how many businesses use WebEx, and how many workers attend WebEx meetings and events, it’s easily conceivable that an email using a lure along the lines of “Thanks for attending our webinar. Follow the link to access the event on-demand” could be spectacularly effective.
If the recipient clicks, the file opens the door to executing arbitrary code on the user’s system.
There are no workarounds that address the problem, but it’s possible to remove all WebEx software completely from a system by using a specialized tool created by Cisco. The IT giant has also made a patch available for the affected products.