Webex Flaw Could Have Led to Unwanted Meeting Attendees

Some updates could be required to mitigate the threat of intrusion


Published: November 26, 2020

Ian Taylor, Editor

“A vulnerability in Cisco Webex Meetings and Cisco Webex Meetings Server could have allowed an unauthenticated, remote attacker to join a Webex session without appearing on the participant list,” Cisco wrote in a statement, adding that it has researchers at IBM to thank for reporting the vulnerability. According to the company, Jiyong Jang, Research Scientist and Manager; Dhilung Kirat, Research Scientist; Ian Molloy, Principal RSM and Department Head; and J.R. Rao, IBM Fellow and CTO, were part of the team that discovered the threat, which has since been fixed.

The vulnerability was caused by what Cisco calls the ‘improper handling of authentication tokens by a vulnerable Webex site.’ An unwanted visitor could therefore have used this to their advantage by sending requests to a vulnerable Cisco Webex Meetings or Cisco Webex Meetings Server site.

“A successful exploit would have required the attacker to have access to join a Webex meeting, including applicable meeting join links and passwords.”

If that was the case, the attacker could then exploit the vulnerability by joining meetings, in a sort of stealth mode, and not appearing among the system’s list of meeting participants. They would, in theory, have gained full access to audio, video, chat, and screen sharing capabilities, posing serious security concerns for the collaboration giant.

The company said that once a meeting intruder entered the meeting and got expelled, they could have maintained an audio connection. Those same users could also have gained access to sensitive information on meeting attendees, such as the full names, email addresses, and IP addresses of attendees, all from the meeting room lobby.

Each of the bugs impacted both Cisco Webex Meetings sites (cloud-based) and Cisco Webex Meetings Server (on-premises solutions). The cloud-based sites require no further user action. Those who use Cisco Webex Meetings Server, however, should plan to upgrade to 3.0MR3 Security Patch 5 or 4.0MR3 Security Patch 4, which include all the necessary fixes they need to stay safe while using the Cisco collaboration platform.

Cisco’s recent security shortcomings also impacted Cisco Webex Meetings app releases 40.10.9 and earlier for iOS and Android. In this instance, users are also urged to install the updates provided by Cisco so they remain unaffected by the potential for meeting intrusion. Cisco advises its customers to regularly consult the advisories for Cisco products, which you can do from the Cisco Security Advisories page. Doing so will help you determine whether you have been exposed and, if you have, help you upgrade your solution to the right version.

“In all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release.”

As a general rule, if you do not have your updates set to automatic, you should ensure that the version of Cisco Webex Meetings you’re using is up to date. Cisco recently released a slew of new features, some that customers have waited on for a long time, including one that lets users remove background noise, automatic in-meeting mute warnings, and dark mode.
