CVE-2020-27133

Name of the Vulnerable Software and Affected Versions Cisco Jabber for Windows (affected versions not specified) Cisco Jabber for MacOS (affected versions not specified) Cisco Jabber for mobile platforms (affected versions not specified)

Description The issue is related to errors in neutralizing special elements used in the OS command. Exploitation of the issue could allow a remote attacker to execute arbitrary code or gain access to sensitive information with elevated privileges on the underlying operating system.

Recommendations For Cisco Jabber for Windows, consider disabling any features that allow execution of OS commands until a patch is available. For Cisco Jabber for MacOS, restrict access to sensitive information and avoid using elevated privileges when possible. For Cisco Jabber for mobile platforms, avoid using the application until a fixed version is released. At the moment, there is no information about a newer version that contains a fix for this vulnerability.