Six RCE and system-crash bugs were listed in the security advisory, each of them relating to holes in the ARF player and the WebEx Recording Format (WRF) files. This isn’t the first ARF-related bug in the platform, either: Last November, Cisco issued a critical alert warning of multiple vulnerabilities in its popular WebEx player. An attacker could exploit the flaw by sending meeting attendees a malicious Flash file through the WebEx client’s file-sharing protocol. As recently as last week, Cisco patched another RCE vulnerability ( CVE-2018-0112), this time due to an insufficient input validation by the WebEx clients. This is just the latest WebEx flaw to burst on the scene.
#Cisco arf player Patch
The IT giant has also made a patch available for the affected products.
#Cisco arf player software
There are no workarounds that address the problem, but it’s possible to remove all WebEx software completely from a system by using a specialized tool created by Cisco. If clicked, the file opens the door to executing arbitrary code on the user’s system. Follow the link to access the event on-demand” could be spectacularly effective. First is the Cisco Webex Network Recording Player, used to play back Advanced Recording Format (ARF) files on the Windows operating system. Given how many businesses use WebEx, and how many workers attend WebEx meetings and events, it’s easily conceivable that an email using a lure along the lines of “Thanks for attending our webinar. Cisco said in an advisory that attackers can take advantage of this large attack surface via social engineering and spam campaigns, with the aim of convincing users to open a malicious ARF file. This post will talk about the best ARF player software. According to our research, most media players are not compatible with ARF. WebEx is widely deployed, and is used for audio and web conferencing along with broadcast applications like webinars and corporate C-suite speeches. The popular online meeting app, Cisco WebEx, produces a unique video file format, ARF. Cisco WebEx Business Suite meeting sites, Cisco WebEx Meetings sites, the Cisco WebEx Meetings Server and the Cisco WebEx ARF Player itself are all affected. Step 2: Open the WebEx video file (.
The player is installed automatically when a user accesses a recording file hosted on a WebEx server. Additional information about downloading WebEx video files (.arf) is available from the. The bug ( CVE-2018-0264) exists in the platform’s Recording Player for Advanced Recording Format (ARF), which allows users to play back WebEx meeting recordings. A critical vulnerability in the recording function of Cisco Systems’ WebEx conferencing platform has been uncovered, allowing for remote code execution. Attackers can use the flaw by convincing users to open a file purporting to be a recording of a past WebEx event.
0 kommentar(er)
