Cisco fixes three vulnerabilities in the Webex video conferencing app that allows intruders to join Webex meetings as ghost users. The vulnerabilities were discovered by security researchers from IBM, who conducted a review of remote working tools Cisco was using internally during the coronavirus pandemic.
Read More: How Disinformation Affects CISOs
Attackers who had access to a meeting URL could connect to a Webex server and send malformed packets, and manipulate the server into gaining access to meetings and data related to the participants.
IBM and Cisco have agreed to limit information about these vulnerabilities until all patches have been made available to the users.