Author: Melodie Foster
Date: 19th November 2020
A vulnerability left Webex open to an attacker being able to spy in on company meetings as ghost users and even stay in the room after being kicked out.
Security researchers from IBM discovered the vulnerability as they were looking into the remote tool being used by Cisco because of the pandemic.
The researchers said that when three bugs were combined, they would allow an attacker to join a Webex meeting as ghost user and would not be visible to other participants in the meeting but would still have full access to audio, video chats and screensharing. It would also be possible to remain in a Webex meeting as a ghost audio user even after being kicked out and finally, an attacker could be able to obtain information on meeting participants even before admitted to a call such as full name and IP addresses.
However, the risk has only been rated medium by Cisco and been given a CVSS score of 6.5 out of 10. While an attacker can be remote, they would need applicable “join” links and passwords for specific meetings, which lessens the severity.
Cisco will be releasing patches today for those three vulnerabilities [1].
[1] https://www.zdnet.com/article/cisco-webex-bugs-allow-attackers-to-join-meetings-as-ghost-users/
Other resources

Cyberfort Colocation Services
Cyberfort has invested heavily in secure infrastructure, making us the perfect colocation service provider to host your mission-critical, sensitive and regulated data.
Find out more >

What can Cyberfort do for you?
Check out our factsheets for detailed information on the matrix of cybersecurity products and services we offer to protect your business.
Find out more >

Cyberfort Deep Dives
Cyberfort’s cybersecurity consultants explore issues in cyber threat intelligence, incident planning and data security. Read our whitepapers to help make decisions that benefit your business.
Find out more >
Recent Comments