CVE-2018-15442

Published: 24/10/2018 Updated: 09/10/2019
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 745
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

A vulnerability in the update service of Cisco Webex Meetings Desktop App for Windows could allow an authenticated, local malicious user to execute arbitrary commands as a privileged user. The vulnerability is due to insufficient validation of user-supplied parameters. An attacker could exploit this vulnerability by invoking the update service command with a crafted argument. An exploit could allow the malicious user to run arbitrary commands with SYSTEM user privileges. While the CVSS Attack Vector metric denotes the requirement for a malicious user to have local access, administrators should be aware that in Active Directory deployments, the vulnerability could be exploited remotely by leveraging the operating system remote management tools.

Vulnerable Product

cisco webex meetings desktop

cisco webex productivity tools

Vendor Advisories

A vulnerability in the update service of Cisco Webex Meetings Desktop App for Windows could allow an authenticated, local attacker to execute arbitrary commands as a privileged user. The vulnerability is due to insufficient validation of user-supplied parameters. An attacker could exploit this vulnerability by invoking the update service command w ...

Exploits

A vulnerability in the update service of Cisco Webex Meetings Desktop App for Windows could allow a local attacker to elevate privileges. This vulnerability is related to a previous security issue fixed by Cisco in October. Affected versions include Cisco Webex Meetings Desktop App releases prior to 3364 and Cisco Webex Productivity Tools release ...

    ##
    # This module requires Metasploit: metasploit.com/download
    # Current source: github.com/rapid7/metasploit-framework
    ##
    # Windows XP systems that are not part of a domain default to treating all
    # network logons as if they were Guest. This prevents SMB relay attacks from
    # gaining administrative access to these systems. This sett ...

    ##
    # This module requires Metasploit: metasploit.com/download
    # Current source: github.com/rapid7/metasploit-framework
    ##
    class MetasploitModule < Msf::Exploit::Local
      Rank = GoodRanking
      include Msf::Exploit::EXE
      include Msf::Exploit::FileDropper
      include Msf::Post::File
      include Msf::Post::Windows::Priv
      include Msf::P ...

Mailing Lists

Full Disclosure mailing list archives: [CORE-2018-0011] - Cisco WebEx Meetings Elevation of Privilege Vulnerability ...

Nmap Scripts

smb-vuln-webexec

A critical remote code execution vulnerability exists in WebExService (WebExec).

nmap --script smb-vuln-webexec --script-args smbusername=<username>,smbpass=<password> -p445 <host>

PORT    STATE SERVICE      REASON
445/tcp open  microsoft-ds syn-ack
| smb-vuln-webexec:
|   VULNERABLE:
|   Remote Code Execution vulnerability in WebExService
|     State: VULNERABLE
|     IDs:  CVE:CVE-2018-15442
|     Risk factor: HIGH
|       A critical remote code execution vulnerability exists in WebExService (WebExec).
|     Disclosure date: 2018-10-24
|     References:
|       https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15442
|       https://blog.skullsecurity.org/2018/technical-rundown-of-webexec
|_      https://webexec.org