Security Experts:

Connect with us

Hi, what are you looking for?


Application Security

Cisco Plugs High-Risk Security Flaws in Webex, SD-WAN

Enterprise security vendor Cisco has shipped fixes for a wide range of severity vulnerabilities, including patches for high-risk flaws in the widely deployed Webex Player, SD-WAN software, and ASR 5000 series software.

Enterprise security vendor Cisco has shipped fixes for a wide range of severity vulnerabilities, including patches for high-risk flaws in the widely deployed Webex Player, SD-WAN software, and ASR 5000 series software.

A total of three high-severity vulnerabilities (CVSS score of 7.8) were patched in Webex Player for Windows and macOS, two of which also affect the Webex Network Recording Player for those operating systems.

The first of the bugs, CVE-2021-1526, is a memory corruption issue that could be abused to execute arbitrary code on an affected system. The flaw could be abused through rigged Webex Recording Format (WRF) files.

The issue affects Cisco Webex Player for Windows and MacOS releases prior to version 41.5, but does not impact the Webex Network Recording Player.

The next two vulnerabilities — CVE-2021-1502 and CVE-2021-1503 — are memory corruption bugs that impact both Webex Network Recording Player and Webex Player, on both Windows and macOS. Both could be exploited to achieve arbitrary code execution on an affected system.

Both flaws are addressed in Webex Network Recording Player and Webex Player releases 41.4 and later.

This week, Cisco also announced patches for CVE-2021-1528, a high risk (CVSS score of 7.8) issue in SD-WAN software, which could be exploited to gain elevated privileges on a vulnerable system.

The bug impacts SD-WAN versions 20.4 and 20.5 (vBond Orchestrator, vEdge Cloud and vEdge Routers, vManage, and vSmart Controller) and was addressed with the release of SD-WAN versions 20.4.2 and 20.5.1.

Cisco also released patches for a couple of vulnerabilities in ASR 5000 series software (StarOS) that could be exploited to bypass authorization and execute CLI commands on an affected machine. The most important of these flaws is CVE-2021-1539 (CVSS score of 8.1).

Cisco encourages users to update to patched versions of each product as soon as possible. The company also notes that it is not aware of these flaws being exploited in attacks.

This week, Cisco also published information on multiple medium risk vulnerabilities impacting various products from its portfolio, including Webex Meetings, Webex Player, ThousandEyes Recorder, Video Surveillance 7000 series IP cameras, and Common Services Platform Collector (CSPC).

Additionally, the company revealed that many of its products are affected by a series of vulnerabilities identified in the frame aggregation and fragmentation functionality of the 802.11 standard. An attacker could abuse these flaws to forge encrypted frames and exfiltrate sensitive data from an affected device.

While Cisco did publish a list of impacted devices, that list is not exhaustive, as the company is still investigating the impact from these issues.

Additional details on all these vulnerabilities can be found on Cisco’s security portal.

Related: Vulnerability in Lasso Library Impacts Cisco, Akamai Products

Related: High-Severity Vulnerabilities Expose Cisco Firewalls to Remote Attacks

Related: Cisco Patches Critical Flaw in SD-WAN vManage

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

Network Security

NSA publishes guidance to help system administrators identify and mitigate cyber risks associated with transitioning to IPv6.


Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...


The North Korean APT tracked as TA444 is either moonlighting from its previous primary purpose, expanding its attack repertoire, or is being impersonated by...

Malware & Threats

Microsoft plans to improve the protection of Office users by blocking XLL add-ins from the internet.

Mobile & Wireless

Technical details published for an Arm Mali GPU flaw leading to arbitrary kernel code execution and root on Pixel 6.