InfoSec – Critical Vulnerability in Cisco WebEx Chrome Plugin

Update: Version 1.0.5 of the Google Chrome WebEx plugin, released this morning, fixes this issue.

The Google 0-Day project announced a critical remote code execution vulnerability in Cisco’s WebEx plugin for Google Chrome. This vulnerability allows a remote attacker to execute arbitrary code on the victim’s system by delivering it to the WebEx plugin via a special “secret” URL.

The secret pattern:  cwcsf-nativemsg-iframe-43c85c0d-d633-af5e-c056-32dc7efc570b.html

Google set up a test page and published a detailed report about how this vulnerability can be used to execute code [1].

Note that version 1.0.3 of the plugin, which was released on Sunday (Jan 22nd), appears to be still vulnerable. At this point, it is probably best to uninstall the plugin and use a different browser for WebEx (of course, this issue may affect plugins for other browsers as well).

An attack would be invisible to the user if executed “right”. The user does not have to willingly join a WebEx meeting to exploit this vulnerability.

 

[1] https://bugs.chromium.org/p/project-zero/issues/detail?id=1096


Johannes B. Ullrich, Ph.D.
STI|Twitter|LinkedIn

Source: InfoSec Handlers Diary Blog – Critical Vulnerability in Cisco WebEx Chrome Plugin


No Comments so far.

Leave a Reply