Network Security, Patch/Configuration Management, Vulnerability Management

Cisco patches critical remote code execution flaw in WebEx browser extensions

Share

Cisco on Monday released software updates to fix a critical remote code execution vulnerability in its WebEx browser extensions for both the Google Chrome and Mozilla Firefox browsers.

Officially designated as CVE-2017-6753, the bug affects Cisco's extensions for its WebEx Meetings Server, Cisco WebEx Centers, and Cisco WebEx Meetings, leaving them susceptible to attack when running on Microsoft Windows.

According to a Cisco security advisory, an unauthenticated, remote adversary could exploit the flaw to execute code, with browser privileges, by tricking a user into their visiting an attacker-controlled website or clicking on a malicious link.

WebEx extensions Versions prior to 1.0.12 for both Chrome and Firefox contain the flaw, which Cisco said is "due to a design defect."

Cisco patches critical remote code execution flaw in WebEx browser extensions

Cisco on Monday released software updates to fix a critical remote code execution vulnerability in its WebEx browser extensions for both the Google Chrome and Mozilla Firefox browsers.

Bradley Barth

As director of multimedia content strategy at CyberRisk Alliance, Bradley Barth develops content for online conferences, webcasts, podcasts video/multimedia projects — often serving as moderator or host. For nearly six years, he wrote and reported for SC Media as deputy editor and, before that, senior reporter. He was previously a program executive with the tech-focused PR firm Voxus. Past journalistic experience includes stints as business editor at Executive Technology, a staff writer at New York Sportscene and a freelance journalist covering travel and entertainment. In his spare time, Bradley also writes screenplays.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.