Friday, November 20, 18:15
Home security Cisco: Bugs on Webex allow hackers to enter meetings!

Cisco: Bugs on Webex allow hackers to enter meetings!

Cisco yesterday fixed three bugs in Webex Meetings that could allow hackers to participate in meetings without the knowledge of the participants. Cisco Webex is an online software for meetings and teleconferencing, which provides users with, among other things, the ability to make presentations, share their screen and record a conversation.

Use of Cisco's remote meeting platform increased by 451% in just four months, in view of the new conditions created by its global pandemic Mesures COVID-19. It is noteworthy that about 4 million meetings are held through it platform Cisco on a daily basis, with over 320.000.000 users.

Cisco: Bugs on Webex allow hackers to enter meetings!

The cybercriminals exploiting these bugs could become "ghost" users by participating in one Interactive meeting without being noticed. In other words, unauthorized users can join a meeting without appearing on the user list and without being invited to attend. However, they can speak, listen, speak and communicate whatever they want.

The three bugs could also allow attackers to stay in the Webex meeting and maintain a two-way audio connection even after the administrators have been removed, as well as gain access to Webex users' information, such as addresses. e-mail and IP addresses from the meeting room lobby. Bugs have been detected on Cisco Webex Meetings and Cisco Webex Meetings Server.

According to BleepingComputer, if hackers succeed in exploiting these bugs, they could do the following:

  • Participate in a Webex meeting without appearing on the list of participants, having full access to audio, video, chat and screen sharing capabilities (CVE-2020-3419)
  • Stay in a Webex meeting as ghosts, maintaining the audio connection (CVE-2020-3471)
  • To obtain access information about participants, including full names, email addresses and IP addresses - from the meeting room lobby, even without being accepted into the call (CVE-2020-3441)

The researchers identified attacks carried out by hackers exploiting these bugs on Webex in Windows, macOS and version iOS Webex Meetings applications and the Webex Room Kit.

Cisco: Bugs on Webex allow hackers to enter meetings!

Cisco fixed the bugs by repairing Cisco Webex Meetings-based sites in cloud and releasing security updates for in-house software, such as the Cisco Webex Meetings mobile application and the Cisco Webex Meetings Server software.

Finally, users are advised to download the latest version of Webex immediately to protect themselves from hackers. Her research team IBM has also made a video demo that provides vulnerability information as well as tips on what Webex Meetings can do to prevent potential attacks.

LEAVE ANSWER

Please enter your comment!
Please enter your name here

Pohackontas
Pohackontashttps://www.secnews.gr
Every accomplishment starts with the decision to try.

LIVE NEWS

00:02:58

Pixel 5: 5 features make it a better choice than the iPhone 12

One of the most exciting smartphone trends of 2020 was the rise of "value flagships" that offer flagship experiences at a lower price ...

How to insert bullets into an Excel spreadsheet

Adding a list of bullets to an Excel worksheet is not simple, but it is possible. Unlike Microsoft ...

iPhone: How to take square photos

The updated iPhone camera app in iOS 14 has changed some settings or added new ones. If you want to take square photos, ...

ELTA email fraud: Phishing email asks you to pay!

ELTA email fraud: Phishing email asks you to pay! Phishing email asks you to pay a fee for parcel delivery.

Microsoft adds consumer features to Teams

Microsoft launched the Teams consumer capabilities on iOS and Android earlier this year. From yesterday, November 19, ...

What are the malware that usually install ransomware?

If you see any of these malware on your corporate networks, stop doing everything and check all your systems.

The LidarPhone attack turns smart brooms into microphones

A group of academics released a new study this week in which they turned a smart vacuum cleaner into a microphone capable of ...

Fake QR codes expose your cell phone to hackers

Nowadays, QR codes are everywhere, as they are easy to use and fast. The word itself means "quick response". The scan ...

Hackers from China, Russia, Iran and North Korea are targeting Canada!

A report published by the Cyber ​​Security Center of Canada, entitled "National Cyber ​​Threat Assessment 2020", warns of risks associated with ...

Apple will pay $ 113 million for deliberate slowdown of iPhones

Apple has agreed to pay millions of dollars in 34 states due to its previous controversial practice of deliberately slowing down older iPhones ...