Researchers reported bugs in Webex that allowed spying on conferences

Written by Emma Davis

IBM researchers reported three bugs in the Webex conferencing application that were recently fixed by Cisco engineers. The vulnerabilities allowed outsiders to join a conference and stay in the chat even after being kicked.

The vulnerabilities were discovered by IBM engineers when they audited tools that were used by the company during the coronavirus pandemic.

The use of Webex grew 451% between Feb. 17 and June 14, 2020. At its peak, Webex hosted as many as 4 million meetings in a single day and claimed as many as 324 million IBM experts.

The researchers say that the vulnerabilities allowed an attacker to join someone else’s conference as a ghost user, while other chat participants would not see him. In doing so, a hacker could gain access to audio and video content and the chat itself, and use other Webex features.

Moreover, the attacker could remain in the chat even if he was kicked, and this allowed the attacker to collect information about users, such as their full names, email addresses, and IP addresses.

“The IBM Research team examined the platform for security and privacy implications for the business and found these vulnerabilities while analysing the communication traffic within the platform. These flaws affect both scheduled meetings with unique meeting URLs and Webex Personal Rooms,” the researchers write.

The IBM specialists explain that the bugs were related to the implementation of the handshake process. For example, an attacker who knows the URL of a conference can connect to the Webex server, send modified packets, and manipulate the server to access the conference and collect information about its participants. A video demonstration of the attack can be seen below.

During testing, the researchers were able to exploit the vulnerabilities on macOS, Windows, Webex Meetings for iOS, and the Webex Room Kit.

Fortunately, these issues only worked if the attacker knew the URL of the scheduled meeting as well as the unique Webex Personal Room URLs. Experts point out that attacking a Webex Personal Room can be even easier, as their addresses are built on a predictable combination of characters based on the name of the “room” owner and the name of the organization.

We have already mentioned that attackers could easily gain access to communication sessions in Cisco WebEx due to an API vulnerability. This vulnerability allows attackers to listen to other people’s conversations.
