ZDNet

Cisco WebEx Chrome extension allowed arbitrary code execution: Project Zero

Cisco has closed a remote code execution vulnerability in its WebEx extension for Chrome, after Project Zero's Tavis Ormandy alerted the networking giant to the issue on Saturday. According to Ormandy ...
Threat Post

Critical RCE Bug in Cisco WebEx Browser Extensions Faces ‘Ongoing Exploitation’

Users of the conferencing platform should update immediately. A critical vulnerability in Cisco WebEx browser extensions that could allow unauthenticated remote code-execution (RCE) on targeted ...
Threat Post

Cisco Patches Another Critical Ormandy Bug in WebEx Extension

Researchers Tavis Ormandy and Cris Neckar privately disclosed a critical vulnerability in Cisco’s WebEx extension for Chrome and Firefox that allows for remote code execution. Cisco has provided ...
Digital Trends

Google researcher finds major security flaw in Cisco's WebEx Chrome extension

A Google Chrome browser extension with a user base of 20 million has been updated to patch a serious security vulnerability that made it possible to run malicious code with a minimum of effort. Users ...
ZDNet

XSS on WebEx domains undoes previous fixes to Cisco WebEx Chrome extension

At the start of this week, Google Project Zero security researcher Tavis Ormandy made public his discovery of a remote code execution vulnerability within Cisco's WebEx extension for Chrome. In his ...
PC World

Cisco starts patching critical flaw in WebEx browser extension

Cisco Systems has started to patch a critical vulnerability in its WebEx collaboration and conferencing browser extension that could allow attackers to remotely execute malicious code on computers.
PC World

Severe vulnerability in Cisco’s WebEx extension for Chrome leaves PCs open to easy attack

Anyone who uses the popular Cisco WebEx extension for Chrome should update to the latest version pronto. Google security researcher Tavis Ormandy recently discovered a serious vulnerability in the ...