A vulnerability in the way Cisco Webex applications process Universal Communications Format (UCF) files could allow an attacker to cause a denial of service (DoS) condition.
The vulnerability is due to insufficient validation of UCF media files. An attacker could exploit this vulnerability by sending a user a malicious UCF file through a link or email attachment and persuading the user to open the file with the affected software on the local system. A successful exploit would cause the application to quit unexpectedly.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:
Security Impact Rating: Medium
Source:: Cisco Security Advisories