CVE-2021-1418

Name of the Vulnerable Software and Affected Versions Cisco Jabber for Windows (affected versions not specified) Cisco Jabber for MacOS (affected versions not specified) Cisco Jabber for mobile platforms (affected versions not specified)

Description The issue allows an attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept protected network traffic, or cause a denial of service (DoS) condition. The vulnerability is related to insufficient input validation, which can be exploited by sending specially crafted XMPP messages, potentially leading to a denial of service condition.

Recommendations For Cisco Jabber for Windows, consider restricting the processing of XMPP messages until a fix is available. For Cisco Jabber for MacOS, avoid using the platform until a patch is released. For Cisco Jabber for mobile platforms, restrict access to the platform to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.