
Cisco Webex Vulnerability Exploited to Join Meetings Without a Password

Cisco on Friday informed customers that it has patched a vulnerability that allowed unauthorized users to join password-protected Webex meetings. Cisco said the flaw had been exploited.

The vulnerability, tracked as CVE-2020-3142 and rated high severity, affected Cisco Webex Meetings Suite sites and Cisco Webex Meetings Online sites running releases earlier than 39.11.5 and 40.1.3. Because the fix was applied server-side to the affected sites, Cisco says users are not required to update their mobile or desktop Webex Meetings applications.
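As an added illustration (not Cisco's code or anything taken from the advisory), the following Python check takes a site's reported release number and reports whether it predates the fixed releases named above. Note that it is the site release that matters, since the fix was applied to the sites rather than to the client apps. The version strings used in the examples are constructed; treating release trains older than 39 as unpatched is an assumption, because the advisory names only 39.11.5 and 40.1.3 as the fixed releases.

```python
"""Check whether a Cisco Webex Meetings site release predates the
CVE-2020-3142 fixes (39.11.5 and 40.1.3, per Cisco's advisory).

Added example, not Cisco's code. Version strings below are constructed.
"""

from typing import Tuple

# Fixed release per major train, as listed in the advisory.
FIXED_RELEASES = {39: (39, 11, 5), 40: (40, 1, 3)}


def parse_release(version: str) -> Tuple[int, ...]:
    """Parse a dotted release string such as "39.11.5" into a tuple of ints.

    Missing trailing components are padded with zeros, so "40.1" sorts as
    (40, 1, 0), i.e. before 40.1.3. Non-numeric input raises ValueError
    rather than silently comparing as "safe".
    """
    parts = version.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised release string: {version!r}")
    nums = tuple(int(p) for p in parts)
    return nums + (0,) * (3 - len(nums))


def is_vulnerable(version: str) -> bool:
    """Return True if the site release is earlier than the fix for its train.

    39.x releases are compared against 39.11.5 and 40.x releases against
    40.1.3. Trains newer than 40 were cut after the fix. Trains older than 39
    are reported as vulnerable; this is an assumption, since the advisory does
    not list them explicitly.
    """
    rel = parse_release(version)
    train = rel[0]
    if train in FIXED_RELEASES:
        return rel < FIXED_RELEASES[train]
    return train < min(FIXED_RELEASES)


def describe(version: str) -> str:
    """Human-readable verdict for one site release string."""
    state = "VULNERABLE (pre-fix)" if is_vulnerable(version) else "patched"
    return f"site release {version}: {state}"


if __name__ == "__main__":
    # Constructed sample release numbers spanning both trains.
    for sample in ("39.11.4", "39.11.5", "40.0.9", "40.1", "40.1.3", "41.1.0"):
        print(describe(sample))
```

Feed the function the release number shown by the site itself; the desktop or mobile app version tells you nothing about whether the server-side fix is in place.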

According to Cisco, the flaw allowed an unauthenticated attacker to join password-protected meetings without the need to provide a password. For the authentication bypass to work, the attacker would need to initiate the connection from the iOS or Android versions of the Webex mobile app.

“The vulnerability is due to unintended meeting information exposure in a specific meeting join flow for mobile applications. An unauthorized attendee could exploit this vulnerability by accessing a known meeting ID or meeting URL from the mobile device’s web browser. The browser will then request to launch the device’s Webex mobile application,” Cisco said in its advisory.

The networking giant pointed out that while an attacker would have been able to join a password-protected meeting, they would have been visible to the other attendees, so an uninvited participant was not silent or hidden.

The vulnerability was discovered during the resolution of a support case and Cisco believes it has not been publicly disclosed. However, the advisory says, “Cisco PSIRT is aware of active use of the vulnerability that is described in this advisory.”

Cisco told SecurityWeek that some of its customers had used the vulnerability to access their own meetings, and the company is also aware of “exploitation of the vulnerability by unauthenticated attendees using the mobile app to gain unauthorized access to Webex’s audio capability.”

“Cisco has applied updates to address the vulnerability so further exploitation is not possible,” a Cisco spokesperson said in an emailed statement. “Transparency at Cisco is a matter of top priority. When security issues arise, we handle them openly and swiftly, so our customers understand the issue and how to address it.”

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
