Cisco Webex vulnerabilities may enable attackers to covertly join meetings

Cisco has fixed three bugs in its Cisco Webex video conferencing offering that may allow attackers to: Join Webex meetings without appearing in the participant list (CVE-2020-3419) Covertly maintain an audio connection to a Webex meeting after being expelled from it (CVE-2020-3471) Gain access to information (name, email, IP address, device info) on meeting attendees without being admitted to the meeting (CVE-2020-3441) About the Cisco Webex vulnerabilities The three flaws were discovered by IBM researchers, after the company’s research department and the Office of the CISO decided to analyze their primary tool for remote meetings (i.e., Cisco Webex).

Read full article on Help Net Security