Cisco has released security updates to address a critical remote code execution (RCE) flaw affecting several versions of Cisco Jabber for Windows, macOS, and mobile platforms.
In September Cisco released security updates to address another critical RCE security flaw (CVE-2020-3495) stemming from a Cross-Site Scripting (XSS) issue in Cisco Jabber.
After Cisco mitigated the above issue, researchers at Watchcom discovered a new wormable RCE flaw and reported it to the IT giant. Watchcom explained that three flaws, including an RCE issue, have not been properly mitigated by the vendor.
The expert discovered new flaws that affect all currently supported Cisco Jabber versions, from 12.1 up to 12.9.
The RCE vulnerability discovered by the researchers is an XSS bug tracked as CVE-2020-26085. The flaw could be exploited by an attacker to execute arbitrary code remotely by escaping Cisco Jabber’s CEF sandbox.
“The vulnerability is due to improper validation of message contents. An attacker could exploit this vulnerability by sending specially crafted XMPP messages to the affected software.” reads the advisory published by Cisco. “A successful exploit could allow the attacker to cause the application to execute arbitrary programs on the targeted system with the privileges of the user account that is running the Cisco Jabber client software, possibly resulting in arbitrary code execution.”
The vulnerability could be exploited without user interaction and is wormable.
The experts published a video PoC f that attack that exploits the Cisco Jabber vulnerabilities fixed in September 2020.
(SecurityAffairs – hacking, BISMUTH)