Cisco Webex security flaw could let hackers hijack your system via a meeting invite

News
By published

Patch was already released, so Webex users should update now

cisco logo
(Image credit: Shutterstock / Ken Wolter)
  • Cisco found and fixed three vulnerabilities, including a high-severity one
  • The high-severity issue was found in the Cisco Webex app
  • It allowed criminals to run commands remotely

Cisco has patched a high-severity vulnerability in its Webex video conferencing platform which allowed threat actors to mount remote code execution (RCE) attacks against exposed endpoints.

The bug was discovered in the custom URL parser of a Cisco Webex app and is described as an “insufficient input validation” vulnerability.

“An attacker could exploit this vulnerability by persuading a user to click a crafted meeting invite link and download arbitrary files,” the bug’s NVD page reads. “A successful exploit could allow the attacker to execute arbitrary commands with the privileges of the targeted user.”

Get Keeper Personal for just $1.67/month, Keeper Family for just $3.54/month, and Keeper Business for just $7/month

Get Keeper Personal for just $1.67/month, Keeper Family for just $3.54/month, and Keeper Business for just $7/month

​Keeper is a cybersecurity platform primarily known for its password manager and digital vault, designed to help individuals, families, and businesses securely store and manage passwords, sensitive files, and other private data.

It uses zero-knowledge encryption and offers features like two-factor authentication, dark web monitoring, secure file storage, and breach alerts to protect against cyber threats.

Preferred partner (What does this mean?)

View Deal

No revolution

The vulnerability is tracked as CVE-2024-20236, and was assigned a severity score of 8.8/10 (high).

Cisco further explained that the vulnerability is present in all older versions of the product, regardless of the OS it’s running on, or system configurations.

The networking giant also said there were no workarounds for the bug, so installing the update is the only way to mitigate the risk.

While the most severe, it’s not the only vulnerability Cisco recently addressed. The company also fixed two more flaws, CVE-2025-20178 (6.0/10), and CVE-2025-20150 (5.3/10).

The former is a privilege escalation flaw in Secure Networks Analytics’ web-based management interface, and allows threat actors to run arbitrary controls as root, with admin credentials.

The latter was found in a Nexus Dashboard, and allows threat actors to enumerate LDAP user accounts remotely, separating valid accounts from the invalid ones.

The good news is that the vulnerabilities are not yet being exploited in the wild, BleepingComputer reports, citing analysis from the company’s Product Security Incident Response Team (PSIRT).

Cisco’s equipment, both software and hardware, are popular in both the enterprise and in consumer households. That makes them a prime target for threat actors, both state-sponsored and profit-oriented.

Via BleepingComputer

You might also like

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.