Click here to visit Original posting
- Cisco found and fixed three vulnerabilities, including a high-severity one
- The high-severity issue was found in the Cisco Webex app
- It allowed criminals to run commands remotely
Cisco has patched a high-severity vulnerability in its Webex video conferencing platform which allowed threat actors to mount remote code execution (RCE) attacks against exposed endpoints.
The bug was discovered in the custom URL parser of a Cisco Webex app and is described as an “insufficient input validation” vulnerability.
“An attacker could exploit this vulnerability by persuading a user to click a crafted meeting invite link and download arbitrary files,” the bug’s NVD page reads. “A successful exploit could allow the attacker to execute arbitrary commands with the privileges of the targeted user.”
Keeper is a cybersecurity platform primarily known for its password manager and digital vault, designed to help individuals, families, and businesses securely store and manage passwords, sensitive files, and other private data.
It uses zero-knowledge encryption and offers features like two-factor authentication, dark web monitoring, secure file storage, and breach alerts to protect against cyber threats.
Preferred partner (What does this mean?)View Deal
No revolution
The vulnerability is tracked as CVE-2024-20236, and was assigned a severity score of 8.8/10 (high).
Cisco further explained that the vulnerability is present in all older versions of the product, regardless of the OS it’s running on, or system configurations.
The networking giant also said there were no workarounds for the bug, so installing the update is the only way to mitigate the risk.
While the most severe, it’s not the only vulnerability Cisco recently addressed. The company also fixed two more flaws, CVE-2025-20178 (6.0/10), and CVE-2025-20150 (5.3/10).
The former is a privilege escalation flaw in Secure Networks Analytics’ web-based management interface, and allows threat actors to run arbitrary controls as root, with admin credentials.
The latter was found in a Nexus Dashboard, and allows threat actors to enumerate LDAP user accounts remotely, separating valid accounts from the invalid ones.
The good news is that the vulnerabilities are not yet being exploited in the wild, BleepingComputer reports, citing analysis from the company’s Product Security Incident Response Team (PSIRT).
Cisco’s equipment, both software and hardware, are popular in both the enterprise and in consumer households. That makes them a prime target for threat actors, both state-sponsored and profit-oriented.
Via BleepingComputer
You might also like
- Cisco warns a decade-old vulnerability is back and targeting users
- Take a look at our guide to the best authenticator app
- We've rounded up the best password managers