Cisco Warns of High-Severity Vulnerability in Webex

A high-severity vulnerability in the Webex Meetings Desktop App for Windows could allow a hacker to modify the underlying operating system.

Leave a Comment

Cisco is warning of a high-severity vulnerability in the Webex Meetings Desktop App for Windows that could allow a hacker to modify the underlying operating system configuration, the company said in an advisory.

The vulnerability, categorized as “high,” could allow a local attacker to execute arbitrary code on a targeted system.

The advisory comes as many organizations continue to rely on videoconferencing and collaboration applications like Webex, Zoom, Microsoft Teams and others.

According to Cisco, the vulnerability in virtualization channel messaging in the Webex Meetings Desktop App occurs when the app is deployed in a virtual desktop environment and using virtual environment optimization.

It can only be exploited when the Webex Meetings Desktop App is in a virtual desktop environment on a hosted virtual desktop and is configured to use the Webex Meetings virtual desktop plug-in for thin clients, according to Cisco.

Read Next: Cisco Warns of Zero-Day Remote Attack Vulnerability

The vulnerability was found during internal security testing and is not believed to have been exploited for malicious uses.

Cisco is urging users to patch the vulnerability and has issued fixes in Cisco Webex Meetings Desktop App for Windows releases 40.6.9 and later and 40.8.9 and later, the company said in the advisory.

According to Cisco, customers must update the Cisco Webex Meetings Desktop App in the hosted virtual desktop in the virtual desktop environment. No changes are required in the thin-client plug-in software.

Cisco, along with other unified communications and collaboration providers is the COVID-19 era, has been actively releasing new products, features and devices to help organizations jump start and improve their remote work operations.

Last month, Cisco announced new personalization features, a new user interface, audio filtering along with new meeting room sensors and devices that make it easier to book and manage conference rooms and ensure people are practicing social distancing.

This article originally appeared on our sister site My TechDecisions. 

If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our digital newsletters!

About the Author

Contact:

Zachary Comeau is the senior editor of CE Pro. He comes from a journalism background with more than a decade of experience writing for Commercial Integrator, My TechDecisions, and several daily newspapers and industry trade publications in Massachusetts.

Commercial Integrator Magazine

Read More Articles Like This… With A FREE Subscription

Commercial Integrator is dedicated to addressing the technological and business needs of professional integrators who serve the small and midsize business market. Whether you design, sell, service, or install… work on offices, churches, hospitals, schools or restaurants, Commercial Integrator is the dedicated resource you need.

No Comments yet. Be the first to comment!

Leave a Reply

Your email address will not be published. Required fields are marked *