Multiple vulnerabilities have been reported in Cisco Webex Network Recording Player and Cisco Webex Player for Windows systems. Reported flaws could allow threat actors to execute arbitrary code on affected systems.

Cisco Webex Network Recording Player is the application used to play ARF files available on Cisco Webex Meetings sites. This player can be installed manually from the download page of the Cisco Webex website in classic view or from the Cisco Webex video recording page. Moreover, Cisco Webex Player is the application that is used to play WRF files available on Cisco Webex Meetings sites. The player can be installed manually from the download page of the Cisco Webex website in classic view or from the Cisco Webex video recording page.

These flaws appear to exist due to insufficient validation of some items during Webex recordings, which are stored in Advanced Recording Format (ARF) or Webex Recording Format (WRF). Malicious hackers could exploit these vulnerabilities by sending a malicious ARF or WRF file via a link; exploiting these flaws would allow the execution of arbitrary code with high privileges on the affected system.

These vulnerabilities were tracked as CVE-2020-3573, CVE-2020-3603 and CVE-2020-3604. All three flaws are considered high severity and received a score of 7.8/10 according to the Common Vulnerability Scoring System (CVSS).

Reported flaws reside in the following products:                                                              

  • Cisco Webex Meetings: all versions of Webex Network Recording Player and Webex Player prior to the first fixed release
  • Cisco Webex Meetings Server: all versions of Webex Network Recording Player prior to the first fixed release

These flaws have already been fixed, so affected installation administrators are advised to update the corresponding patches as soon as possible. At the moment no functional workarounds are known, so installing the patches is the only feasible solution at the moment.