Cisco Webex Meetings for Windows Let Hackers Gain Access to Sensitive Data


Cisco Webex Meetings

A vulnerability with Cisco Webex Meetings Desktop App for Windows allows an authenticated local attacker to gain access for sensitive information on a vulnerable system.

The vulnerability can be tracked as CVE-2020-3347 and it is due to unsafe usage of shared memory used by the application.

According to Trustwave SpiderLabs Security who discovered the vulnerability, if a user configured the client to log in automatically, then the client has several memory-mapped files that are not protected from reading or writing.

Read more…