
SANS ISC: InfoSec Handlers Diary Blog - Internet Storm Center Diary 2017-01-24


ISC Stormcast For Tuesday, January 24th 2017 https://isc.sans.edu/podcastdetail.html?id=5343
All things Apple Updated today: iTunes 12.5.5 (Windows), Safari 10.0.3, macOS 10.12.3, iOS 10.2.1, tvOS 10.1.1, watchOS 3.1.3 - Details at https://support.apple.com/en-ca/HT201222

Critical Vulnerability in Cisco WebEx Chrome Plugin

Published: 2017-01-24
Last Updated: 2017-01-24 00:17:52 UTC
by Johannes Ullrich (Version: 1)

The Google 0-Day project announced a critical remote code execution vulnerability in Cisco's WebEx plugin for Google Chrome. This vulnerability allows a remote attacker to execute arbitrary code on the victim's system by delivering it to the WebEx plugin via a special "secret" URL. 

The secret pattern:  cwcsf-nativemsg-iframe-43c85c0d-d633-af5e-c056-32dc7efc570b.html

Google set up a test page and published a detailed report about how this vulnerability can be used to execute code [1].

Note that version 1.0.3 of the plugin, which was released on Sunday (Jan 22nd), still appears to be vulnerable. At this point, it is probably best to uninstall the plugin and use a different browser for WebEx (of course, this issue may affect plugins for other browsers as well).

An attack would be invisible to the user if executed "right". The user does not have to willingly join a WebEx meeting for this vulnerability to be exploited.
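For defenders who want to see whether clients have requested URLs containing the pattern, the following added example (not part of the original diary or of any Cisco or Google code) scans web proxy log lines for it, including percent-encoded forms. The log layout, the sample lines and the list of expected WebEx host suffixes are assumptions to adjust locally.

```python
import re
from collections import defaultdict
from urllib.parse import unquote, urlsplit

# Magic string quoted in the diary entry above.
MAGIC = "cwcsf-nativemsg-iframe-43c85c0d-d633-af5e-c056-32dc7efc570b.html"

# Assumption: hosts you expect to serve WebEx content legitimately. Adjust locally.
EXPECTED_SUFFIXES = ("webex.com",)

# Assumed log layout (constructed): "<timestamp> <client_ip> <method> <url>"
LINE_RE = re.compile(r"^(\S+)\s+(\S+)\s+(\S+)\s+(\S+)$")

def fully_unquote(value, rounds=3):
    """Undo up to `rounds` layers of percent-encoding so encoded hits still match."""
    for _ in range(rounds):
        value = unquote(value)
    return value

def host_expected(host):
    host = (host or "").lower().rstrip(".")
    return any(host == s or host.endswith("." + s) for s in EXPECTED_SUFFIXES)

def find_hits(lines):
    """Return {client_ip: [(timestamp, host, expected_host), ...]} for URLs with the pattern."""
    hits = defaultdict(list)
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip malformed lines rather than guessing
        ts, client, _method, url = m.groups()
        if MAGIC not in fully_unquote(url).lower():
            continue  # conservative: the pattern anywhere in the URL counts as a hit
        host = urlsplit(url).hostname
        hits[client].append((ts, host, host_expected(host)))
    return dict(hits)

SAMPLE_LOG = [  # constructed sample lines, not real traffic
    "2017-01-24T09:00:01Z 10.0.0.5 GET https://meetings.webex.com/x/" + MAGIC,
    "2017-01-24T09:02:13Z 10.0.0.7 GET http://blog.example.net/a/" + MAGIC + "?x=1",
    "2017-01-24T09:03:40Z 10.0.0.7 GET http://cdn.example.org/cwcsf%2Dnativemsg%2Diframe%2D43c85c0d-d633-af5e-c056-32dc7efc570b.html",
    "2017-01-24T09:04:00Z 10.0.0.9 GET https://www.example.com/index.html",
    "2017-01-24T09:05:00Z 10.0.0.9 GET https://notwebex.com.example.net/" + MAGIC,
]

if __name__ == "__main__":
    for client, rows in find_hits(SAMPLE_LOG).items():
        for ts, host, ok in rows:
            print(client, ts, host, "expected host" if ok else "UNEXPECTED host")
```

The expected-host flag only helps prioritize review: requests for the pattern on hosts outside the list are the ones to look at first.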

 

[1] https://bugs.chromium.org/p/project-zero/issues/detail?id=1096

---
Johannes B. Ullrich, Ph.D.

Keywords: chrome cisco webex