Attacker Value
High
(1 user assessed)
Exploitability
Moderate
(1 user assessed)
User Interaction
None
Privileges Required
Low
Attack Vector
Local
0

Get System-level Code Execution Through Webex Vulnerability

Disclosure Date: October 24, 2018
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

A vulnerability in the update service of Cisco Webex Meetings Desktop App for Windows could allow an authenticated, local attacker to execute arbitrary commands as a privileged user. The vulnerability is due to insufficient validation of user-supplied parameters. An attacker could exploit this vulnerability by invoking the update service command with a crafted argument. An exploit could allow the attacker to run arbitrary commands with SYSTEM user privileges. While the CVSS Attack Vector metric denotes the requirement for an attacker to have local access, administrators should be aware that in Active Directory deployments, the vulnerability could be exploited remotely by leveraging the operating system remote management tools.

Add Assessment

1
Ratings
  • Attacker Value
    High
  • Exploitability
    Medium
Technical Analysis

Details

On vulnerable versions of Cisco’s Webex client software, any local or domain user can execute commands
with SYSTEM-level privileges. The software installs a service called WebExService, that once started,
will run commands at the SYSTEM level.

This exploit prompts for an Administrator verification on Windows 10 and requires credentials to exploit, but it
is still a useful exploit for targets prior to Windows 10.

CVSS V3 Severity and Metrics
Base Score:
7.8 High
Impact Score:
5.9
Exploitability Score:
1.8
Vector:
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector (AV):
Local
Attack Complexity (AC):
Low
Privileges Required (PR):
Low
User Interaction (UI):
None
Scope (S):
Unchanged
Confidentiality (C):
High
Integrity (I):
High
Availability (A):
High

General Information

Vendors

  • Cisco

Products

  • Cisco WebEx Event Center
Technical Analysis