certfr_avis - certfr-2025-avi-0326

CERTFR-2025-AVI-0326

Vulnerability from certfr_avis

Une vulnérabilité a été découverte dans Cisco Webex App. Elle permet à un attaquant de provoquer une exécution de code arbitraire à distance.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

	Vendor	Product	Description
	Cisco	Webex App	Webex App versions 44.6.x antérieures à 44.6.2.30589
	Cisco	Webex App	Webex App versions 44.7.x antérieures à 44.8

References

Title

Publication Time

Tags

Bulletin de sécurité Cisco cisco-sa-webex-app-client-rce-ufyMMYLC

2025-04-16

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Webex App versions 44.6.x ant\u00e9rieures \u00e0 44.6.2.30589",
      "product": {
        "name": "Webex App",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Webex App versions 44.7.x ant\u00e9rieures \u00e0 44.8",
      "product": {
        "name": "Webex App",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2025-20236",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-20236"
    }
  ],
  "initial_release_date": "2025-04-17T00:00:00",
  "last_revision_date": "2025-04-17T00:00:00",
  "links": [],
  "reference": "CERTFR-2025-AVI-0326",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2025-04-17T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans Cisco Webex App. Elle permet \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance.",
  "title": "Vuln\u00e9rabilit\u00e9 dans Cisco Webex App",
  "vendor_advisories": [
    {
      "published_at": "2025-04-16",
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-webex-app-client-rce-ufyMMYLC",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-app-client-rce-ufyMMYLC"
    }
  ]
}

CVE-2025-20236 (GCVE-0-2025-20236)

Vulnerability from cvelistv5

Published

2025-04-16 16:16

Modified

2025-04-17 03:55

Severity ?

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

CWE-829 - Inclusion of Functionality from Untrusted Control Sphere

Summary

A vulnerability in the custom URL parser of Cisco Webex App could allow an unauthenticated, remote attacker to persuade a user to download arbitrary files, which could allow the attacker to execute arbitrary commands on the host of the targeted user. This vulnerability is due to insufficient input validation when Cisco Webex App processes a meeting invite link. An attacker could exploit this vulnerability by persuading a user to click a crafted meeting invite link and download arbitrary files. A successful exploit could allow the attacker to execute arbitrary commands with the privileges of the targeted user.

References

URL

Tags

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-app-client-rce-ufyMMYLC

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Webex Teams	Version: 44.6 Version: 44.6.0.29928 Version: 44.6.0.30148 Version: 44.7 Version: 44.7.0.30141 Version: 44.7.0.30285

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-20236",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-16T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-17T03:55:22.841Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "Cisco Webex Teams",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "44.6"
            },
            {
              "status": "affected",
              "version": "44.6.0.29928"
            },
            {
              "status": "affected",
              "version": "44.6.0.30148"
            },
            {
              "status": "affected",
              "version": "44.7"
            },
            {
              "status": "affected",
              "version": "44.7.0.30141"
            },
            {
              "status": "affected",
              "version": "44.7.0.30285"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the custom URL parser of Cisco Webex App could allow an unauthenticated, remote attacker to persuade a user to download arbitrary files, which could allow the attacker to execute arbitrary commands on the host of the targeted user.\r\n\r\nThis vulnerability is due to insufficient input validation when Cisco Webex App processes a meeting invite link. An attacker could exploit this vulnerability by persuading a user to click a crafted meeting invite link and download arbitrary files. A successful exploit could allow the attacker to execute arbitrary commands with the privileges of the targeted user."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-829",
              "description": "Inclusion of Functionality from Untrusted Control Sphere",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-04-16T17:45:31.016Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-webex-app-client-rce-ufyMMYLC",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-app-client-rce-ufyMMYLC"
        }
      ],
      "source": {
        "advisory": "cisco-sa-webex-app-client-rce-ufyMMYLC",
        "defects": [
          "CSCwn07296"
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Webex App Client-Side Remote Code Execution Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2025-20236",
    "datePublished": "2025-04-16T16:16:23.291Z",
    "dateReserved": "2024-10-10T19:15:13.237Z",
    "dateUpdated": "2025-04-17T03:55:22.841Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CERTFR-2025-AVI-0326

Vulnerability from certfr_avis

Solutions

CVE-2025-20236 (GCVE-0-2025-20236)

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature