Intrusion Prevention

Cisco.WebEx.NRP.CVE-2019-1772.Arbitrary.Code.Execution

Description

This indicates an attack attempt against a Memory Corruption vulnerability in Cisco Webex Network Recording Player.
The vulnerability is due to Cisco Webex Network Recording Player improper handling of Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.

Affected Products

Cisco Webex Business Suite sites - All Webex Network Recording Player and Webex Player versions prior to Version WBS39.2.205
Cisco Webex Meetings Online - All Webex Network Recording Player and Webex Player versions prior to Version 1.3.42
Cisco Webex Meetings Server - All Webex Network Recording Player versions prior to Version 2.8MR3 SecurityPatch2, 3.0MR2 SecurityPatch2, or 4.0

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

CVE References

CVE-2019-1772