Number: AV17-103
Date: 17 July 2017
Purpose
The purpose of this advisory is to bring attention to the recently released Cisco Security Advisory.
Assessment
Cisco has released a security advisory to address a critical vulnerability in its WebEx browser extensions for Google Chrome and Mozilla Firefox. Successful exploitation could allow a remote unauthenticated attacker to execute code and gain full control of an affected device.
The following versions of the Cisco WebEx browser extensions are affected by the vulnerability:
- Versions prior to 1.0.12 of the Cisco WebEx extension on Google Chrome
- Versions prior to 1.0.12 of the Cisco WebEx extension on Mozilla Firefox
CVE Reference: CVE-2017-6753
Suggested action
CCIRC recommends that system administrators test and deploy the vendor-released updates to affected applications accordingly.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170717-webex