CVE-2020-3321

Name of the Vulnerable Software and Affected Versions Cisco Webex Network Recording Player and Cisco Webex Player for Microsoft Windows (affected versions not specified)

Description A vulnerability exists due to insufficient validation of certain elements within Webex recordings stored in either the Advanced Recording Format (ARF) or the Webex Recording Format (WRF). This could allow an attacker to cause a process crash, resulting in a Denial of Service (DoS) condition for the player application on an affected system. An attacker could exploit this by sending a malicious ARF or WRF file to a user through a link or email attachment and persuading them to open it with the affected software. A successful exploit could cause the Webex player application to crash when trying to view the malicious file.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.