A vulnerability in these Cisco WebEx browser extensions could allow an unauthenticated, remote attacker to execute arbitrary code with the privileges of the affected browser on an affected system. This vulnerability affects the browser extensions for Cisco WebEx Meetings Server and Cisco WebEx Centers when they are running on Microsoft Windows.
The vulnerability is a design defect in an application programing interface (API) response parser within the extension. An attacker that can convince an affected user to visit an attacker-controlled web page or follow an attacker-supplied link with an affected browser could exploit the vulnerability. If successful, the attacker could execute arbitrary code with the privileges of the affected browser.
Chinese state-sponsored hackers are targeting military and aerospace interests in Russia and Belarus. Since the summer of 2016, a group has begun using a new downloader known as ZeroT, spear-phishing emails to install the PlugX remote access Trojan (RAT), according to security researchers. The group is also using Microsoft Compiled HTML Help (.chm) files to deliver PlugX in spear-phishing emails.
*IP addresses provided by Recorded Future.
Want to learn about Alert Logic products in more detail? Call us direct at +1.877.484.8383, for the UK call +44 (0) 203 011 5533, or complete this form. An Alert Logic representative will contact you soon.