As the COVID-19 crisis continues to spread, larger numbers of enterprises and learning organizations are moving meetings and classrooms online via video-teleconferencing (VTC) platforms. The FBI has issued a new warning of recent VTC attacks and also offered guidance on how to better security VTC platforms.
Cisco has released security patches for Email Security Appliance, Webex, Prime Network Registrar, Intelligent Proximity and other products. Four of the vulnerabilities are High risk and another eight are rated Medium severity.
Cisco has patched a high risk vulnerability CVE-2020-3142 in Cisco Webex Meetings Suite sites and Cisco Webex Meetings Online sites. An unauthenticated actor could join a password-protected meeting without inputting the meeting password.
Researchers have discovered attackers can take advantage of Webex Meetings API calls to enumerate Webex meeting numbers. Attackers can also launch similar "enumeration attacks" against Zoom platform for ongoing or future meetings .
Cisco has released security updates to patch high risk vulnerabilities in multiple products to include Cisco Webex Teams and Industrial Network Director (IND).
Cisco has released security updates to patch critical and high severity vulnerabilities in multiple Cisco products to include small business switches, IOS XR, Webex and others.
Cisco released a new security update warning users of ongoing, limited, exploitation of a critical WebEx vulnerability that impacts multiple products.
Cisco released a security update to fix a critical vulnerability in the vContainer of the Cisco SD-WAN Solution. A remote authenticated attacker could cause a denial of service (DoS) condition and execute arbitrary code as the root user.
Cisco has released security updates to fix vulnerabilities in its Webex Meetings Desktop Application and Webex Productivity Tools.
Cisco issued new security updates to address vulnerabilities on multiple Cisco products to include WebEx, Secure Access Control System (ACS), Wireless LAN Controller (WLC), Meeting Server, and Aironet.