Cisco resolves vulnerability in Webex video conferencing platform

27 Jan 2020

Cisco's headquarters. Image: © Andrei/Stock.adobe.com

A vulnerability in Cisco’s Webex video conferencing platform is one a number of security issues that the company has resolved in recent weeks.

Cisco has fixed a “high-severity” vulnerability in its Webex video conferencing platform, after it was discovered that strangers could access password-protected meetings without authentication.

On Friday (24 January), the company wrote about the vulnerability, saying: “An unauthorised attendee could exploit this vulnerability by accessing a known meeting ID or meeting URL from the mobile device’s web browser.

“The browser will then request to launch the device’s Webex mobile application. A successful exploit could allow the unauthorised attendee to join the password-protected meeting.”

Security issues

The company said that the unauthorised connection attempt could have been made from either an iOS or Android device, and that the unauthorised attendee would have been listed as a mobile attendee in a video conference, which may have alerted users to an unwanted viewer.

Cisco confirmed that the vulnerability has now been addressed and that no user action is required. The issue affected Cisco Webex Meetings Suite for versions earlier than 39.11.5 and Cisco Webex Meetings Online for releases earlier than 40.1.3.

A few weeks before this vulnerability was announced, the California-based business reported two other security flaws. One of the flaws enabled remote attackers to execute commands through Webex, while the other affected the web user interface of Cisco IOS and Cisco IOS XE.

A flaw in Cisco’s administrative management tool

Last week, Cisco confirmed that there was a critical vulnerability in its administrative management tool for Cisco network security solutions.

On 22 January, the company published a security advisory on the vulnerability, which could have allowed an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device.

“The vulnerability is due to improper handling of lightweight directory access protocol (LDAP) authentication responses from an external authentication server,” the company said.

“An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to gain administrative access to the web-based management interface of the affected device.”

Cisco has since released software updates to resolve this issue, which could have affected security solutions such as firewalls.

Kelly Earley was a journalist with Silicon Republic

editorial@siliconrepublic.com