• English
  • Japanese

Webex Network Recording Players Remote Code Execution Vulnerabilities

Multiple vulnerabilities exist in the Cisco Webex Network Recording Player for Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit these vulnerabilities by providing a user with a malicious .arf or .wrf file via email or URL and convincing the user to launch the file in the Webex recording players. Exploitation of these vulnerabilities could allow arbitrary code execution on the system of a targeted user. There is no risk when a .arf player that is stored on a Webex site is played in the Webex Network Recording Player.

Current version of Keio WebEx is not affected by this vulnerability. But if you have installed the record player in the past, it may be affected. In that case, please do the following.

Login to WebEx

[Meeting Center] - [Support] - [Downloads] - [Recorder and Players] - [Recording and Playback]

Download and Install the latest player from [WebEx Player and Network Recording Player]

See below for details.
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-webex-rce

Last-Modified: July 25, 2018

The content ends at this position.