Cisco is warning of a high-severity vulnerability in the Webex Meetings Desktop App for Windows that could allow a hacker to modify the underlying operating system configuration, the company said in an advisory.
The vulnerability, categorized as “high,” could allow a local attacker to execute arbitrary code on a targeted system.
The advisory comes as many organizations continue to rely on videoconferencing and collaboration applications like Webex, Zoom, Microsoft Teams and others.
According to Cisco, the vulnerability in virtualization channel messaging in the Webex Meetings Desktop App occurs when the app is deployed in a virtual desktop environment and using virtual environment optimization.
It can only be exploited when the Webex Meetings Desktop App is in a virtual desktop environment on a hosted virtual desktop and is configured to use the Webex Meetings virtual desktop plug-in for thin clients, according to Cisco.
Read Next: Cisco Warns of Zero-Day Remote Attack Vulnerability
The vulnerability was found during internal security testing and is not believed to have been exploited for malicious uses.
Cisco is urging users to patch the vulnerability and has issued fixes in Cisco Webex Meetings Desktop App for Windows releases 40.6.9 and later and 40.8.9 and later, the company said in the advisory.
According to Cisco, customers must update the Cisco Webex Meetings Desktop App in the hosted virtual desktop in the virtual desktop environment. No changes are required in the thin-client plug-in software.
Cisco, along with other unified communications and collaboration providers is the COVID-19 era, has been actively releasing new products, features and devices to help organizations jump start and improve their remote work operations.
Last month, Cisco announced new personalization features, a new user interface, audio filtering along with new meeting room sensors and devices that make it easier to book and manage conference rooms and ensure people are practicing social distancing.
If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our digital newsletters!
Leave a Reply