Cisco Re-Issues Patch For High-Severity WebEx Flaw

November 28, 2018


Cisco has re-issued a patch for a high-severity vulnerability in its WebEx Meetings platform, after researchers were able to bypass the first fix.

The patch addresses a privilege-escalation vulnerability, CVE-2018-15442, in Cisco’s Webex Meetings Desktop App for Windows. The glitch exists in the update service of the app, which does not properly validate user-supplied parameters and thus could allow a local attacker to elevate privileges.

While the flaw was first patched in October, researchers at SecureAuth deemed the fix to be insufficient after they discovered a bypass, which they detailed in a Tuesday post.

Read More on Threat Post