Cisco has announced multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept protected network traffic, or cause a denial of service (DoS) condition.
This vulnerability is due to improper validation of message content. An attacker could exploit this vulnerability by sending crafted XMPP messages to the affected software. A successful exploit could allow the attacker to cause the application to execute arbitrary programs on the targeted system with the privileges of the user account that is running the Cisco Jabber client software, which could result in arbitrary code execution.
Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.
Affected Products:
- Cisco Jabber for Windows
- Cisco Jabber for MacOS
- Cisco Jabber for mobile platforms.
For further information please to the link below:
Cisco Jabber Desktop and Mobile Client Software Vulnerabilities
Matsco recommends any affected systems are updated as soon as convenient.
Please contact the Matsco Solutions team on the below if you would like any further information.
support@matscosolutions.com
Beijing +86 400 120 2782
Hong Kong +852 8101 8418
London +44 (0)20 7821 4950
New York +1 866 446 9226
Singapore +65 6100 1090
Share this Post