Cisco publishes patch for WebEx Meetings app for Android

Cisco has created a patch for a vulnerability in the WebEx Meetings app for Android that was remotely exploitable, according to a company advisory.
Cisco has created a patch for a vulnerability in the WebEx Meetings app for Android that was remotely exploitable, according to a company advisory.

Cisco has created a patch for a vulnerability in the WebEx Meetings app for Android that was remotely exploitable, according to a company advisory.

The vulnerability, which is found in the custom application permissions handling for the app during initialization, would make it possible for a remote attacker, without being authenticated, “to change platform-specific permissions of a custom application,” the advisory said.

If the vulnerability was exploited, it could be used “to silently acquire the same permissions as the WebEx application,” Cisco noted. While the company has issued updates, “workarounds that mitigate this vulnerability are not available,” the advisory said. 

The company's Product Security Incident Response Team (PSIRT) has not detected the vulnerability being used maliciously nor has it found any public announcements regarding the flaw.
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS