Security Architecture, Endpoint/Device Security, Endpoint/Device Security, Security Strategy, Plan, Budget, Vulnerability Management, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security

Cisco publishes patch for WebEx Meetings app for Android

Cisco has created a patch for a vulnerability in the WebEx Meetings app for Android that was remotely exploitable, according to a company advisory.

The vulnerability, which is found in the custom application permissions handling for the app during initialization, would make it possible for a remote attacker, without being authenticated, “to change platform-specific permissions of a custom application,” the advisory said.

If the vulnerability was exploited, it could be used “to silently acquire the same permissions as the WebEx application,” Cisco noted. While the company has issued updates, “workarounds that mitigate this vulnerability are not available,” the advisory said. 

The company's Product Security Incident Response Team (PSIRT) has not detected the vulnerability being used maliciously nor has it found any public announcements regarding the flaw.

Related

Security concerns curb open source utilization

Open source software utilization has been scaled back by nearly 40% of industry professionals due to security concerns, with more than 50% reducing open source usage following the emergence of the widespread Log4j vulnerability, The Register reports.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.