CVE-2020-3588
published 2020-11-06CVE-2020-3588: A vulnerability in virtualization channel messaging in Cisco Webex Meetings Desktop App for Windows could allow a local attacker to execute arbitrary code on a…
PriorityP341high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
EPSS
0.39%
31.1th percentile
A vulnerability in virtualization channel messaging in Cisco Webex Meetings Desktop App for Windows could allow a local attacker to execute arbitrary code on a targeted system. This vulnerability occurs when this app is deployed in a virtual desktop environment and using virtual environment optimization. This vulnerability is due to improper validation of messages processed by the Cisco Webex Meetings Desktop App. A local attacker with limited privileges could exploit this vulnerability by sending malicious messages to the affected software by using the virtualization channel interface. A successful exploit could allow the attacker to modify the underlying operating system configuration, which could allow the attacker to execute arbitrary code with the privileges of a targeted user. Note: This vulnerability can be exploited only when Cisco Webex Meetings Desktop App is in a virtual desktop environment on a hosted virtual desktop (HVD) and is configured to use the Cisco Webex Meetings virtual desktop plug-in for thin clients.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| bluez | bluez | >= 0 < 5.48-0ubuntu3.5 | 5.48-0ubuntu3.5 |
| bluez | bluez | >= 0 < 5.53-0ubuntu3.2 | 5.53-0ubuntu3.2 |
| cisco | cisco_webex_meetings_desktop_app | — | — |
| cisco | webex_meetings | < 40.6.9 | 40.6.9 |
| cisco | webex_meetings | >= 40.8.0 < 40.8.9 | 40.8.9 |
| cisco | webex_meetings_desktop_app | — | — |
CVSS provenance
nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.04.6MEDIUMAV:L/AC:L/Au:N/C:P/I:P/A:P
osv4.2MEDIUM
vendor_cisco7.3HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-x2h2-w5f2-8vg8: A vulnerability in virtualization channel messaging in Cisco Webex Meetings Desktop App for Windows could allow a local attacker to execute arbitrary
ghsa_unreviewed·2022-05-24
CVE-2020-3588 [HIGH] CWE-22 GHSA-x2h2-w5f2-8vg8: A vulnerability in virtualization channel messaging in Cisco Webex Meetings Desktop App for Windows could allow a local attacker to execute arbitrary
A vulnerability in virtualization channel messaging in Cisco Webex Meetings Desktop App for Windows could allow a local attacker to execute arbitrary code on a targeted system. This vulnerability occurs when this app is deployed in a virtual desktop environment and using virtual environment optimization. This vulnerability is due to improper validation of messages processed by the Cisco Webex Meetings Desktop App. A local attacker with limited privileges could exploit this vulnerability by sending malicious messages to the affected software by using the virtualization channel interface. A successful exploit could allow the attacker to modify the underlying operating system configuration, which could allow the attacker to execute arbitrary code with the privileges of a targeted user. Note:
OSV
bluez vulnerabilities
osv·2021-06-16·CVSS 4.2
CVE-2020-26558 bluez vulnerabilities
bluez vulnerabilities
It was discovered that BlueZ incorrectly checked certain permissions when
pairing. A local attacker could possibly use this issue to impersonate
devices. (CVE-2020-26558)
Jay LV discovered that BlueZ incorrectly handled redundant disconnect MGMT
events. A local attacker could use this issue to cause BlueZ to crash,
resulting in a denial of service, or possibly execute arbitrary code. This
issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-27153)
Ziming Zhang discovered that BlueZ incorrectly handled certain array
indexes. A local attacker could use this issue to cause BlueZ to crash,
resulting in a denial of service, or possibly obtain sensitive information.
This issue only affected Ubuntu 20.04 LTS and Ubuntu 20.10. (CVE-2021-3588)
Cisco
Cisco Webex Meetings Desktop App Arbitrary Code Execution Vulnerability
vendor_cisco·2020-11-04·CVSS 7.3
CVE-2020-3588 [HIGH] CWE-22 Cisco Webex Meetings Desktop App Arbitrary Code Execution Vulnerability
Cisco Webex Meetings Desktop App Arbitrary Code Execution Vulnerability
A vulnerability in virtualization channel messaging in Cisco Webex Meetings Desktop App for Windows could allow a local attacker to execute arbitrary code on a targeted system. This vulnerability occurs when this app is deployed in a virtual desktop environment and using virtual environment optimization.
This vulnerability is due to improper validation of messages processed by the Cisco Webex Meetings Desktop App. A local attacker with limited privileges could exploit this vulnerability by sending malicious messages to the affected software by using the virtualization channel interface. A successful exploit could allow the attacker to modify the underlying operating system configuration, which could allow the attacke
Cisco
Cisco Webex Meetings Desktop App Arbitrary Code Execution Vulnerability
vendor_cisco·CVSS 3.1
CVE-2020-3588 Cisco Webex Meetings Desktop App Arbitrary Code Execution Vulnerability
CVE-2020-3588: Cisco Webex Meetings Desktop App Arbitrary Code Execution Vulnerability
A vulnerability in virtualization channel messaging in Cisco Webex Meetings Desktop App for Windows could allow a local attacker to execute arbitrary code on a targeted system. This vulnerability occurs when this app is deployed in a virtual desktop environment and using virtual environment optimization. This vulnerability is due to improper validation of messages processed by the Cisco Webex Meetings Desktop App. A local attacker with limited privileges could exploit this vulnerability by sending malicious messages to the affected software by using the virtualization channel interface. A successful exploit could allow the attacker to modify the underlying operating system configuration, which could allo
Suricata
ET WEB_SPECIFIC_APPS Xoops SQL Injection Attempt -- print.php id SELECT
suricata·2010-07-30·CVSS 7.5
CVE-2007-3311 [HIGH] ET WEB_SPECIFIC_APPS Xoops SQL Injection Attempt -- print.php id SELECT
ET WEB_SPECIFIC_APPS Xoops SQL Injection Attempt -- print.php id SELECT
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Xoops SQL Injection Attempt -- print.php id SELECT"; flow:established,to_server; http.uri; content:"/print.php?"; nocase; content:"id="; nocase; content:"SELECT"; nocase; pcre:"/.+SELECT.+FROM/i"; reference:cve,CVE-2007-3311; reference:url,www.milw0rm.com/exploits/3588; classtype:web-application-attack; sid:2006486; rev:8; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1190, mitre_technique_name Expl
Suricata
ET WEB_SPECIFIC_APPS Xoops SQL Injection Attempt -- print.php id INSERT
suricata·2010-07-30·CVSS 7.5
CVE-2007-3311 [HIGH] ET WEB_SPECIFIC_APPS Xoops SQL Injection Attempt -- print.php id INSERT
ET WEB_SPECIFIC_APPS Xoops SQL Injection Attempt -- print.php id INSERT
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Xoops SQL Injection Attempt -- print.php id INSERT"; flow:established,to_server; http.uri; content:"/print.php?"; nocase; content:"id="; nocase; content:"INSERT"; nocase; pcre:"/.+INSERT.+INTO/i"; reference:cve,CVE-2007-3311; reference:url,www.milw0rm.com/exploits/3588; classtype:web-application-attack; sid:2006488; rev:8; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1190, mitre_technique_name Expl
Suricata
ET WEB_SPECIFIC_APPS Xoops SQL Injection Attempt -- print.php id UPDATE
suricata·2010-07-30·CVSS 7.5
CVE-2007-3311 [HIGH] ET WEB_SPECIFIC_APPS Xoops SQL Injection Attempt -- print.php id UPDATE
ET WEB_SPECIFIC_APPS Xoops SQL Injection Attempt -- print.php id UPDATE
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Xoops SQL Injection Attempt -- print.php id UPDATE"; flow:established,to_server; http.uri; content:"/print.php?"; nocase; content:"id="; nocase; content:"UPDATE"; nocase; pcre:"/.+UPDATE.+SET/i"; reference:cve,CVE-2007-3311; reference:url,www.milw0rm.com/exploits/3588; classtype:web-application-attack; sid:2006491; rev:8; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1190, mitre_technique_name Explo
Suricata
ET WEB_SPECIFIC_APPS Xoops SQL Injection Attempt -- print.php id DELETE
suricata·2010-07-30·CVSS 7.5
CVE-2007-3311 [HIGH] ET WEB_SPECIFIC_APPS Xoops SQL Injection Attempt -- print.php id DELETE
ET WEB_SPECIFIC_APPS Xoops SQL Injection Attempt -- print.php id DELETE
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Xoops SQL Injection Attempt -- print.php id DELETE"; flow:established,to_server; http.uri; content:"/print.php?"; nocase; content:"id="; nocase; content:"DELETE"; nocase; pcre:"/.+DELETE.+FROM/i"; reference:cve,CVE-2007-3311; reference:url,www.milw0rm.com/exploits/3588; classtype:web-application-attack; sid:2006489; rev:8; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1190, mitre_technique_name Expl
Suricata
ET WEB_SPECIFIC_APPS Xoops SQL Injection Attempt -- print.php id ASCII
suricata·2010-07-30·CVSS 7.5
CVE-2007-3311 [HIGH] ET WEB_SPECIFIC_APPS Xoops SQL Injection Attempt -- print.php id ASCII
ET WEB_SPECIFIC_APPS Xoops SQL Injection Attempt -- print.php id ASCII
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Xoops SQL Injection Attempt -- print.php id ASCII"; flow:established,to_server; http.uri; content:"/print.php?"; nocase; content:"id="; nocase; content:"ASCII"; nocase; pcre:"/.+ASCII\(.+SELECT/i"; reference:cve,CVE-2007-3311; reference:url,www.milw0rm.com/exploits/3588; classtype:web-application-attack; sid:2006490; rev:8; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1190, mitre_technique_name Expl
Suricata
ET WEB_SPECIFIC_APPS Xoops SQL Injection Attempt -- print.php id UNION SELECT
suricata·2010-07-30·CVSS 7.5
CVE-2007-3311 [HIGH] ET WEB_SPECIFIC_APPS Xoops SQL Injection Attempt -- print.php id UNION SELECT
ET WEB_SPECIFIC_APPS Xoops SQL Injection Attempt -- print.php id UNION SELECT
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Xoops SQL Injection Attempt -- print.php id UNION SELECT"; flow:established,to_server; http.uri; content:"/print.php?"; nocase; content:"id="; nocase; content:"UNION"; nocase; pcre:"/.+UNION\s+SELECT/i"; reference:cve,CVE-2007-3311; reference:url,www.milw0rm.com/exploits/3588; classtype:web-application-attack; sid:2006487; rev:8; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1190, mitre_techni
No public exploits indexed.
No writeups or analysis indexed.
2020-11-06
Published