Cisco Jabber Flaw

Cisco released software updates to address multiple vulnerabilities affecting its Jabber messaging clients across Windows, macOS, Android, and iOS.

Successful exploitation of the flaws could permit an attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept protected network traffic, or cause a denial of service (DoS) condition.

Vulnerable Products

These vulnerabilities affect Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms.

Cisco Jabber Flaw

Cisco has confirmed that these vulnerabilities, except for CVE-2021-1471, do not affect Cisco Jabber client software that is configured for either of the following modes:

  • Phone-only mode
  • Team Messaging Mode

To Exploit the Vulnerabilities, an attacker must be:

  • Authenticated to an Extensible Messaging and Presence Protocol (XMPP) server that the affected software is using
  • Able to send XMPP messages to a targeted system

CVE-2021-1411: Cisco Jabber Arbitrary Program Execution Vulnerability

A vulnerability in Cisco Jabber for Windows could allow an authenticated, remote attacker to execute programs on a targeted system. Rated by Cisco with a 9.9/10 severity score.

This vulnerability is due to improper validation of message content. An attacker could exploit this vulnerability by sending crafted XMPP messages to the affected software.

A successful exploit could allow the attacker to cause the application to execute arbitrary programs on the targeted system with the privileges of the user account that is running the Cisco Jabber client software, which could result in arbitrary code execution.

The flaw affects Cisco Jabber for Windows, macOS, Android, or iOS, versions 12.9 or earlier.

Details of the issues:

CVE-2021-1469:  Arbitrary Program Execution Vulnerability

CVE-2021-1417:  Information Disclosure Vulnerability

CVE-2021-1471:  Certificate Validation Vulnerability

CVE-2021-1418:  Denial of Service Vulnerability

Four more Cisco Jabber Bugs Patched

Cisco addressed four other high and medium severity flaws in Jabber software, tracked as CVE-2021-1417, CVE-2021-1418, CVE-2021-1469, and CVE-2021-1471. The flaw was reported by Olav Sortland Thoresen of Watchcom, who also reported the CVE-2021-1417, and CVE-2021-1418 vulnerabilities.

These security bugs could enable remote attackers to execute arbitrary programs, gain access to sensitive information, and trigger denial-of-service states after exploiting them on devices running unpatched software.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates.

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.