Cisco has released updates that address vulnerabilities in multiple products that a remote attacker could leverage to take control of an affected system.
One of the issues is the WebEx Advanced Recording Format (ARF) remote code execution vulnerability, in which ARF files could allow an unauthenticated, remote attacker to execute arbitrary code on the system of a targeted user.
An attacker could exploit this vulnerability by sending the user a link or email attachment with a malicious ARF file and persuading the user to follow the link or open the file. Successful exploitation could allow the attacker to execute arbitrary code on the user’s system.
The Cisco WebEx players are applications used to play back WebEx meeting recordings that have been recorded by an online meeting attendee. The player can be installed automatically when a user accesses a recording file that is hosted on a WebEx server.
Cisco has updated affected versions of Cisco WebEx Business Suite meeting sites, Cisco WebEx Meetings sites, Cisco WebEx Meetings Server, and the Cisco WebEx ARF Player to address this vulnerability. There are no workarounds that address this vulnerability.
The vulnerability was discovered by Kushal Arvind Shah of Fortinet’s FortiGuard Labs, and there is no indication that it is currently being exploited in the wild.
In addition, Cisco has updates for vulnerabilities in other products:
• Prime File Upload Servlet Path Traversal and Remote Code Execution Vulnerability
• Secure Access Control System Remote Code Execution Vulnerability
• Wireless LAN Controller 802.11 Management Frame Denial-of-Service Vulnerability
• Wireless LAN Controller IP Fragment Reassembly Denial-of-Service Vulnerability
• Meeting Server Remote Code Execution Vulnerability
• Aironet 1810, 1830, and 1850 Series Access Points Point-to-Point Tunneling Protocol Denial-of-Service Vulnerability
• Aironet 1800, 2800, and 3800 Series Access Points Secure Shell Privilege Escalation Vulnerability