====================================================================


                             CERT-Renater

                 Note d'Information No. 2018/VULN268
_____________________________________________________________________

DATE                : 06/09/2018

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Windows running Cisco Webex Meetings Client for
                                            Windows.

=====================================================================
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-webex-pe
_____________________________________________________________________

Cisco Security Advisory: Cisco Webex Meetings Client for Windows
Privilege Escalation Vulnerability

Advisory ID: cisco-sa-20180905-webex-pe

Revision: 1.0

For Public Release: 2018 September 5 16:00 GMT

Last Updated: 2018 September 5 16:00 GMT

CVE ID(s): CVE-2018-0422

CVSS Score v(3): 7.3 CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

+---------------------------------------------------------------------

Summary

=======

A vulnerability in the folder permissions of Cisco Webex Meetings client
for Windows could allow an authenticated, local attacker to modify
locally stored files and execute code on a targeted device with the
privilege level of the user.

The vulnerability is due to folder permissions that grant a user the
permission to read, write, and execute files in the Webex folders. An
attacker could exploit this vulnerability to write malicious files to
the Webex client directory, affecting all other users of the targeted
device. A successful exploit could allow a user to execute commands with
elevated privileges.

Attacks on single-user systems are less likely to occur, as the attack
must be carried out by the user on the user's own system. Multiuser
systems have a higher risk of exploitation because folder permissions
have an impact on all users of the device. For an attacker to exploit
this vulnerability successfully, a second user must execute the locally
installed malicious file to allow remote code execution to occur.

Cisco has released software updates that address this vulnerability.
There are no workarounds that address this vulnerability.

This advisory is available at the following link:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-webex-pe
["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-webex-pe"]

=========================================================
+ CERT-RENATER        | tel : 01-53-94-20-44            +
+ 23/25 Rue Daviel    | fax : 01-53-94-20-41            +
+ 75013 Paris         | email:cert@support.renater.fr   +
=========================================================