- Cisco warns about new vulnerability on Webex for Broadworks
- The fault allowed threat actors to steal sensitive files remotely
- A solution was already implemented, and users must be updated immediately
Cisco has warned Webx for Broadworks users of vulnerability that could allow threat actors to access confidential data remotely.
Cisco Webex for Broadworks is a cloud collaboration solution that integrates the videoconference tool with Broadworks -based service providers networks, which offers messages, calls and meeting capabilities for companies.
In a security notice published on the Cisco website, the company said it discovered a vulnerability of low severity in version 45.2 of the application, which allowed malicious actors to access confidential data if the transport is not certainly configured for SIP communication.
Exploiting the defect
“This vulnerability is due to the exposure of confidential information in SIP headers,” Cisco explained.
He also added that he discovered a related problem that could allow a non -authenticated user to access credentials in flat text, in customer and server records.
“A malicious actor could exploit this vulnerability and the related problem to access data and credentials and impersonate the user,” Cisco warned.
Since the company has already made a configuration change that will solve both vulnerability and the related problem, users are recommended to restart their Cisco Webex applications to apply the changes. For those who prefer to implement an alternative solution, Cisco said that administrators could configure safe transport for SIP communication to encrypt transit data.
“Cisco also recommends rotary credentials to protect against the possibility that credentials have been acquired by a malicious actor,” concludes the notice. Until now, there has been no evidence that vulnerability has been abused in nature.
At the beginning of February 2025, Cisco launched patches for two critical severity vulnerabilities that affect its identity service motor solution (ISE). Both could have used to execute arbitrary commands and steal confidential information.
Since the solution was already implemented, it advised its clients to restart the application to apply configuration changes.
Through Bleepingcomputer
