Cisco has created a patch for a vulnerability in the WebEx Meetings app for Android that was remotely exploitable, according to a company advisory.
The vulnerability, which is found in the custom application permissions handling for the app during initialization, would make it possible for a remote attacker, without being authenticated, “to change platform-specific permissions of a custom application,” the advisory said.
If the vulnerability was exploited, it could be used “to silently acquire the same permissions as the WebEx application,” Cisco noted. While the company has issued updates, “workarounds that mitigate this vulnerability are not available,” the advisory said.