Cisco has launched safety updates for a high-severity Webex vulnerability that enables unauthenticated attackers to achieve client-side distant code execution utilizing malicious assembly invite hyperlinks.
Tracked as CVE-2025-20236, this safety flaw was discovered within the Webex customized URL parser and could be exploited by tricking customers into downloading arbitrary recordsdata, which lets risk actors execute arbitrary instructions on programs operating unpatched software program in low complexity assaults.
“This vulnerability is because of inadequate enter validation when Cisco Webex App processes a gathering invite hyperlink,” Cisco defined in a safety advisory launched this week.
“An attacker may exploit this vulnerability by persuading a person to click on a crafted assembly invite hyperlink and obtain arbitrary recordsdata. A profitable exploit may permit the attacker to execute arbitrary instructions with the privileges of the focused person.”
This safety bug impacts Cisco Webex App installations no matter working system or system configuration. There are not any workarounds, so software program updates are required to dam potential exploitation makes an attempt.
| Cisco Webex App Launch | First Mounted Launch |
|---|---|
| 44.5 and earlier | Not susceptible. |
| 44.6 | 44.6.2.30589 |
| 44.7 | Migrate to a set launch. |
| 44.8 and later | Not susceptible. |
This week, Cisco additionally launched safety patches for a privilege escalation flaw (CVE-2025-20178) in Safe Community Analytics’ web-based administration interface, which may let attackers with admin credentials run arbitrary instructions as root.
Cisco additionally addressed a Nexus Dashboard vulnerability (CVE-2025-20150) that enables unauthenticated attackers to enumerate LDAP person accounts remotely and decide which usernames are legitimate.
Nevertheless, the corporate’s Product Safety Incident Response Workforce (PSIRT) discovered no proof-of-concept exploits within the wild and no proof of malicious exercise concentrating on programs unpatched towards safety flaws fastened this Wednesday.
Earlier this month, Cisco additionally warned admins to patch a crucial Cisco Good Licensing Utility (CSLU) static credential vulnerability (CVE-2024-20439) that exposes a built-in backdoor admin account and is now actively exploited in assaults.
In late March, CISA added the CVE-2024-20439 flaw to its Recognized Exploited Vulnerabilities Catalog and ordered U.S. federal businesses to safe their networks towards ongoing assaults inside three weeks by April 21.
