A vulnerability in Cisco Webex Meetings Desktop App could allow an unauthenticated, remote attacker to execute programs on an affected end-user system. The vulnerability is due to improper validation of input that is supplied to application URLs. The attacker could exploit this vulnerability by persuading a user to follow a malicious URL. A successful exploit could allow the attacker to cause the application to execute other programs that are already present on the end-user system. If malicious files are planted on the system or on an accessible network file path, the attacker could execute arbitrary code on the affected system.
References
Link | Resource |
---|---|
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-client-url-fcmpdfVY | Vendor Advisory |
Configurations
Information
Published : 2020-06-17 20:15
Updated : 2021-09-17 11:55
NVD link : CVE-2020-3263
Mitre link : CVE-2020-3263
JSON object : View
CWE
CWE-20
Improper Input Validation
Products Affected
cisco
- webex_meetings