CVE-2020-26085

Name of the Vulnerable Software and Affected Versions Cisco Jabber for Windows (affected versions not specified) Cisco Jabber for MacOS (affected versions not specified) Cisco Jabber for mobile platforms (affected versions not specified)

Description The issue is related to multiple vulnerabilities in Cisco Jabber that could allow an attacker to execute arbitrary programs on the underlying operating system with elevated privileges or gain access to sensitive information. Exploitation of these vulnerabilities may also enable a remote attacker to perform a cross-site scripting attack due to inadequate protection of the web page structure. Additionally, errors in object handling in memory may allow an unauthorized access to protected information.

Recommendations For Cisco Jabber for Windows, consider disabling vulnerable functions until a patch is available. For Cisco Jabber for MacOS, restrict access to sensitive information to minimize the risk of exploitation. For Cisco Jabber for mobile platforms, avoid using potentially vulnerable features until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.