Security Experts:

Connect with us

Hi, what are you looking for?


Application Security

Cisco Plugs High-Risk Security Flaws in Webex, SD-WAN

Enterprise security vendor Cisco has shipped fixes for a wide range of severity vulnerabilities, including patches for high-risk flaws in the widely deployed Webex Player, SD-WAN software, and ASR 5000 series software.

Enterprise security vendor Cisco has shipped fixes for a wide range of severity vulnerabilities, including patches for high-risk flaws in the widely deployed Webex Player, SD-WAN software, and ASR 5000 series software.

A total of three high-severity vulnerabilities (CVSS score of 7.8) were patched in Webex Player for Windows and macOS, two of which also affect the Webex Network Recording Player for those operating systems.

The first of the bugs, CVE-2021-1526, is a memory corruption issue that could be abused to execute arbitrary code on an affected system. The flaw could be abused through rigged Webex Recording Format (WRF) files.

The issue affects Cisco Webex Player for Windows and MacOS releases prior to version 41.5, but does not impact the Webex Network Recording Player.

The next two vulnerabilities — CVE-2021-1502 and CVE-2021-1503 — are memory corruption bugs that impact both Webex Network Recording Player and Webex Player, on both Windows and macOS. Both could be exploited to achieve arbitrary code execution on an affected system.

Both flaws are addressed in Webex Network Recording Player and Webex Player releases 41.4 and later.

This week, Cisco also announced patches for CVE-2021-1528, a high risk (CVSS score of 7.8) issue in SD-WAN software, which could be exploited to gain elevated privileges on a vulnerable system.

The bug impacts SD-WAN versions 20.4 and 20.5 (vBond Orchestrator, vEdge Cloud and vEdge Routers, vManage, and vSmart Controller) and was addressed with the release of SD-WAN versions 20.4.2 and 20.5.1.

Cisco also released patches for a couple of vulnerabilities in ASR 5000 series software (StarOS) that could be exploited to bypass authorization and execute CLI commands on an affected machine. The most important of these flaws is CVE-2021-1539 (CVSS score of 8.1).

Cisco encourages users to update to patched versions of each product as soon as possible. The company also notes that it is not aware of these flaws being exploited in attacks.

This week, Cisco also published information on multiple medium risk vulnerabilities impacting various products from its portfolio, including Webex Meetings, Webex Player, ThousandEyes Recorder, Video Surveillance 7000 series IP cameras, and Common Services Platform Collector (CSPC).

Additionally, the company revealed that many of its products are affected by a series of vulnerabilities identified in the frame aggregation and fragmentation functionality of the 802.11 standard. An attacker could abuse these flaws to forge encrypted frames and exfiltrate sensitive data from an affected device.

While Cisco did publish a list of impacted devices, that list is not exhaustive, as the company is still investigating the impact from these issues.

Additional details on all these vulnerabilities can be found on Cisco’s security portal.

Related: Vulnerability in Lasso Library Impacts Cisco, Akamai Products

Related: High-Severity Vulnerabilities Expose Cisco Firewalls to Remote Attacks

Related: Cisco Patches Critical Flaw in SD-WAN vManage

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.


Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...


WASHINGTON - Cyberattacks are the most serious threat facing the United States, even more so than terrorism, according to American defense experts. Almost half...

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.


No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.

Application Security

GitHub this week announced the revocation of three certificates used for the GitHub Desktop and Atom applications.