CVE-2020-3128
Cisco WebEx Network Recording Player vulnerability analysis and mitigation

Overview

A high-severity vulnerability (CVE-2020-3128) was discovered in Cisco Webex Network Recording Player and Webex Player, affecting the playback of Advanced Recording Format (ARF) and Webex Recording Format (WRF) files on Windows operating systems. The vulnerability was disclosed on March 4, 2020, and received a CVSS score of 7.8 out of 10.0 (Cisco Advisory, Threatpost).

Technical details

The vulnerability stems from insufficient validation of certain elements within Webex recordings stored in either ARF or WRF formats. The flaw exists specifically in the atpdmod.dll module, where the program fails to initialize a pointer and later writes data to this pointer. The vulnerability received a CVSS base score of 7.8, with the following vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:X/RL (Threatpost).

Impact

Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code on the affected system with the privileges of the targeted user. The vulnerability affects multiple versions of both Webex Network Recording Player and Webex Player across different Cisco Webex platforms (Threatpost).

Mitigation and workarounds

Cisco has released patches for affected versions. For Cisco Webex Meetings, users should upgrade to WBS 39.5.17 or WBS 39.11.0 or later. For Webex Meetings Online, versions should be updated to 1.3.49 or later. For Cisco Webex Meetings Server, users should upgrade to versions 3.0MR3SecurityPatch1 and 4.0MR2SecurityPatch2 or later. Users can determine their installed version by opening the player and choosing Help > About (Threatpost).
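
For fleet triage, the fixed releases listed above can be turned into a version check. The following is an added example, not code from Cisco or from this report; the product labels ("meetings", "online", "server"), the host names and the handling of releases the page does not list are assumptions.

```python
import re

# Fixed releases as stated in the mitigation text above.
WBS_FIXED_39_5 = (39, 5, 17)   # fixed build on the 39.5 track
WBS_FIXED = (39, 11, 0)        # fixed build for every other track
ONLINE_FIXED = (1, 3, 49)
# Meetings Server train -> (maintenance release, security patch)
SERVER_FIXED = {(3, 0): (3, 1), (4, 0): (2, 2)}
SERVER_RE = re.compile(r"^(\d+)\.(\d+)(?:MR(\d+))?(?:SecurityPatch(\d+))?$")

def dotted(version):
    """Parse 'WBS 39.5.17' or '1.3.49' into a tuple padded to three parts."""
    nums = [int(n) for n in re.findall(r"\d+", version)]
    if not nums:
        raise ValueError(f"no version number in {version!r}")
    return tuple(nums + [0] * (3 - len(nums)))

def is_patched(product, version):
    """True if version is at or above the fixed release for product."""
    if product == "meetings":
        v = dotted(version)
        # Assumption: 39.5.x is its own track; all others need 39.11.0+.
        return v >= (WBS_FIXED_39_5 if v[:2] == (39, 5) else WBS_FIXED)
    if product == "online":
        return dotted(version) >= ONLINE_FIXED
    if product == "server":
        m = SERVER_RE.match(version.replace(" ", ""))
        if not m:
            raise ValueError(f"unrecognised server version {version!r}")
        major, minor, mr, patch = (int(g or 0) for g in m.groups())
        fixed = SERVER_FIXED.get((major, minor))
        # Assumption: trains not listed on the page count as fixed only
        # when newer than 4.0; anything else is flagged for review.
        return (mr, patch) >= fixed if fixed else (major, minor) > (4, 0)
    raise ValueError(f"unknown product {product!r}")

def triage(inventory):
    """Return hosts whose installed player is below the fixed release."""
    return [h for h, prod, ver in inventory if not is_patched(prod, ver)]

# Constructed sample inventory: (host, product, version from Help > About).
SAMPLE = [
    ("pc-01", "meetings", "WBS 39.5.12"), ("pc-02", "meetings", "WBS 39.5.17"),
    ("pc-03", "meetings", "WBS 39.10.3"), ("pc-04", "meetings", "WBS 40.1.0"),
    ("pc-05", "online", "1.3.48"), ("srv-01", "server", "3.0MR3"),
    ("srv-02", "server", "4.0MR2SecurityPatch2"),
]
if __name__ == "__main__":
    print(triage(SAMPLE))
```

Releases between WBS 39.6 and 39.10 are reported as unpatched here, which is the conservative reading of "WBS 39.5.17 or WBS 39.11.0 or later".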

This report was generated using AI.