Discovered a particularly dangerous vulnerability in Cisco Jabber video conferencing software
Network equipment maker Cisco has released a new version of its Jabber web conferencing and messaging application for Windows 10. This new release includes fixes for many of the vulnerabilities that, if exploited, can expose them. allow hackers to attack, install and run arbitrary software on the victim's machine.
The vulnerabilities, discovered by Norwegian cybersecurity firm Watchcom, affect all active versions of Cisco Jabber. And for now, they have been patched by Cisco.
Two of the four vulnerabilities can be exploited to install and run arbitrary software on a victim's machine by sending messages specifically designed for group or individual chats.
The most serious of these was the codenamed CVE-2020-3495 vulnerability, a CVSS hazard rating of 9.9. This vulnerability leads to incorrect message content validation, so hackers can use them to send messages designed according to Extensible Messaging and Presence Protocol (XMPP).
"When the exploit is successful, the hacker can cause the application to launch arbitrary programs on the victim's system with the privileges of the user account running Cisco Jabber. From there, the hacker can run any code. or any software, " Cisco revealed.
Just a few days ago, Cisco had to warn of a zero-day vulnerability being actively exploited by hackers in the software of the IOS XR router.
Cisco recommends that users update to the latest version of Jabber software immediately.
You should read it
- 7 Cisco security tips
- Cisco ASA 5585-X - The most powerful security device available today
- Review the Cisco RV180 VPN router
- List the default password of Cisco routers and switches
- 4 places to help you learn skills and get Cisco certification
- 5 best Cisco network device monitoring tools
- Cisco security equipment is targeted at DoS attacks through an old vulnerability
- Instructions for configuring Cisco routers
- 10 commands to master when working with Cisco IOS
- Warning: Detecting more than 1000 Cisco router and switch devices in Vietnam has a serious security error
- Cisco Router Configuration Guide 1800 series (Cisco 1801, 1802, 1803, 1811, 1812)
- Extremely powerful Wi-fi transmitter for businesses