A new Cisco Webex privilege escalation vulnerability

This vulnerability can be exploited only by local attackers

Malicious hackers could exploit a privilege escalation vulnerability in Cisco Webex Meetings for Windows to execute arbitrary commands with administrator privileges, report network security specialists from the International Institute of Cyber Security.

This vulnerability affects all versions of the Cisco Webex Meetings desktop application between 33.6.4.15 and 33.8.2.7, although experts do not rule out the possibility that earlier versions could also be affected by this vulnerability.

This vulnerability (CVE-2019-1674) is an operating-system command injection that bypasses the new security measures Cisco implemented after correcting a DLL-hijacking problem found earlier in the same application.

According to network security experts, CVE-2019-1674 exists because the Webex update service for Windows does not properly validate the version numbers of new files. Non-privileged local attackers could exploit the vulnerability by invoking the update service command with a specially crafted command.

Malicious hackers could exploit this vulnerability by using a fake software update to replace the application's update binary with an earlier version, then escalating privileges and executing arbitrary commands with administrator rights.
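As an added illustration (not Cisco's code or patch), the following Python shows the kind of version-ordering check the article describes as missing: an updater that parses dotted versions numerically, refuses any candidate that is not strictly newer than the installed build, and, for inventory purposes, flags installations inside the affected range quoted above. The version strings and the `update_allowed` / `is_affected` names are assumptions made for this example.

```python
# Added example (not Cisco's code): numeric dotted-version comparison, used
# both to flag installs in the affected range the article reports and to
# show the anti-downgrade check an updater must apply before accepting a
# replacement binary. Assumed: versions are dotted decimal integers.
from typing import Tuple

AFFECTED_MIN = "33.6.4.15"   # from the article
AFFECTED_MAX = "33.8.2.7"    # from the article

def parse_version(text: str) -> Tuple[int, ...]:
    """Split '33.8.2.7' into (33, 8, 2, 7); reject anything non-numeric
    so a crafted string cannot slip past the comparison."""
    parts = text.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"malformed version string: {text!r}")
    return tuple(int(p) for p in parts)

def compare_versions(a: str, b: str) -> int:
    """Component-wise numeric compare. Missing trailing components count
    as 0, so 33.8 == 33.8.0.0. Returns -1, 0 or 1."""
    va, vb = parse_version(a), parse_version(b)
    width = max(len(va), len(vb))
    va += (0,) * (width - len(va))
    vb += (0,) * (width - len(vb))
    return (va > vb) - (va < vb)

def is_affected(installed: str) -> bool:
    """True if the installed build falls in the range the article gives."""
    return (compare_versions(installed, AFFECTED_MIN) >= 0
            and compare_versions(installed, AFFECTED_MAX) <= 0)

def update_allowed(installed: str, candidate: str) -> bool:
    """The check the article says was missing: accept only a candidate
    binary that is strictly newer than what is already installed."""
    try:
        return compare_versions(candidate, installed) > 0
    except ValueError:
        return False   # unparseable version: refuse rather than guess

if __name__ == "__main__":
    # Constructed sample: a plain string compare would wrongly rank
    # "33.10.0.1" below "33.8.2.7"; the numeric compare does not.
    assert "33.10.0.1" < "33.8.2.7"                      # naive, wrong
    assert update_allowed("33.8.2.7", "33.10.0.1")       # upgrade accepted
    assert not update_allowed("33.8.2.7", "33.6.4.15")   # downgrade rejected
    print("33.8.2.7 affected:", is_affected("33.8.2.7"))
```

Version ordering alone does not make an updater safe; it only closes the downgrade path the article describes, and a replacement binary still needs its origin verified before it is executed with elevated rights.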

This is not the first time that network security experts have found vulnerabilities in this tool, although this one is not considered as severe as the vulnerability known as webexec, which allows attackers to execute commands remotely through a component of a vulnerable version of Webex.