CVE-2019-1636

Name of the Vulnerable Software and Affected Versions Cisco Webex Teams (affected versions not specified)

Description A vulnerability in the Cisco Webex Teams client could allow an attacker to execute arbitrary commands on a targeted system. This issue arises from unsafe search paths used by the application URI defined in Windows operating systems. An attacker could exploit this by convincing a targeted user to follow a malicious link, potentially causing the application to load libraries from the directory targeted by the URI link. If the attacker can place a crafted library in a directory accessible to the vulnerable system, they could execute arbitrary commands on the system with the privileges of the targeted user.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.