Cisco Webex security flaw could let hackers hijack your system via a meeting invite

• Cisco found and fixed three vulnerabilities, including a high-severity one
• The high-severity issue was found in the Cisco Webex app
• It allowed criminals to run commands remotely

Cisco has patched a high-severity vulnerability in its Webex video conferencing platform which allowed threat actors to mount remote code execution (RCE) attacks against exposed endpoints.

The bug was discovered in the custom URL parser of a Cisco Webex app and is described as an “insufficient input validation” vulnerability.

“An attacker could exploit this vulnerability by persuading a user to click a crafted meeting invite link and download arbitrary files,” the bug’s NVD page reads. “A successful exploit could allow the attacker to execute arbitrary commands with the privileges of the targeted user.”

Get Keeper Personal for just $1.67/month, Keeper Family for just $3.54/month, and Keeper Business for just $7/month

​Keeper is ...