Rewterz Threat Advisory – Cisco Webex Network Recording Player and Cisco Webex Player

Rewterz Threat Alert – More Covid-19 Malicious URLs

April 17, 2020

Rewterz Threat Advisory – Cisco IP Phones Web Application Buffer Overflow

April 17, 2020

Rewterz Threat Advisory – Cisco Webex Network Recording Player and Cisco Webex Player

Severity

High

Analysis Summary

CVE-2020-3194

The vulnerability exists due to insufficient validation of certain elements with a Webex recording stored in either the Advanced Recording Format (ARF) or the Webex Recording Format (WRF). An attacker could exploit this vulnerability by sending a user a malicious ARF or WRF file through a link or email attachment and persuading the user to open the file with the affected software on the local system. A successful exploit could allow the attacker to execute arbitrary code on the affected system with the privileges of the targeted user.

Impact

Arbitrary Code Execution

Affected Vendors

Cisco

Affected Products

Cisco Webex Network Recording Player
Cisco Webex Player

Remediation

Please refer to vendor’s advisory for the list of affected products and patches.

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-player-Q7Rtgvby

Rewterz Threat Alert – More Covid-19 Malicious URLs

Rewterz Threat Advisory – Cisco IP Phones Web Application Buffer Overflow

Rewterz Threat Advisory – Cisco Webex Network Recording Player and Cisco Webex Player

Severity

Analysis Summary

Impact

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan