Details of VAR-202011-1021

ID

VAR-202011-1021

CVE

CVE-2020-3573

TITLE

Windows for Cisco Webex Network Recording Player and Cisco Webex Player Buffer Error Vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2020-013362

DESCRIPTION

Multiple vulnerabilities in Cisco Webex Network Recording Player for Windows and Cisco Webex Player for Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerabilities are due to insufficient validation of certain elements of a Webex recording that is stored in the Advanced Recording Format (ARF) or Webex Recording Format (WRF). An attacker could exploit these vulnerabilities by sending a user a malicious ARF or WRF file through a link or email attachment and persuading the user to open the file with the affected software on the local system. A successful exploit could allow the attacker to execute arbitrary code on the affected system with the privileges of the targeted user. The issue results from the lack of proper initialization of a pointer prior to accessing it

Trust: 2.43

sources: NVD: CVE-2020-3573 // JVNDB: JVNDB-2020-013362 // ZDI: ZDI-20-1362 // VULHUB: VHN-181698 // VULMON: CVE-2020-3573

AFFECTED PRODUCTS

vendor:	cisco	model:	webex meetings	scope:	lt	version:	40.6.11	Trust: 1.0
vendor:	cisco	model:	webex meetings server	scope:	eq	version:	4.0	Trust: 1.0
vendor:	cisco	model:	webex meetings	scope:	lt	version:	40.8.0	Trust: 1.0
vendor:	cisco	model:	webex meetings	scope:	gte	version:	40.6.0	Trust: 1.0
vendor:	cisco	model:	webex meetings	scope:	gte	version:	40.7.0	Trust: 1.0
vendor:	cisco	model:	webex meetings server	scope:	eq	version:	3.0	Trust: 1.0
vendor:	シスコシステムズ	model:	cisco webex meetings server	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco webex meetings	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	webex	scope:	-	version:	-	Trust: 0.7

sources: ZDI: ZDI-20-1362 // JVNDB: JVNDB-2020-013362 // NVD: CVE-2020-3573

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2020-3573
value:	HIGH
Trust: 1.0
ykramarz@cisco.com:	CVE-2020-3573
value:	HIGH
Trust: 1.0
NVD:	CVE-2020-3573
value:	HIGH
Trust: 0.8
ZDI:	CVE-2020-3573
value:	HIGH
Trust: 0.7
CNNVD:	CNNVD-202011-342
value:	HIGH
Trust: 0.6
VULHUB:	VHN-181698
value:	HIGH
Trust: 0.1
VULMON:	CVE-2020-3573
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2020-3573
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-181698
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2020-3573
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.1
Trust: 2.0
NVD:	CVE-2020-3573
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8
ZDI:	CVE-2020-3573
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.0
Trust: 0.7

sources: ZDI: ZDI-20-1362 // VULHUB: VHN-181698 // VULMON: CVE-2020-3573 // JVNDB: JVNDB-2020-013362 // CNNVD: CNNVD-202011-342 // NVD: CVE-2020-3573 // NVD: CVE-2020-3573

PROBLEMTYPE DATA

problemtype:	CWE-119	Trust: 1.1
problemtype:	CWE-665	Trust: 1.1
problemtype:	Buffer error (CWE-119) [NVD Evaluation ]	Trust: 0.8

sources: VULHUB: VHN-181698 // JVNDB: JVNDB-2020-013362 // NVD: CVE-2020-3573

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202011-342

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202011-342

PATCH

title:	cisco-sa-webex-nbr-NOS6FQ24	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-nbr-NOS6FQ24	Trust: 1.5
title:	Cisco Webex Network Recording Player Buffer error vulnerability fix	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=133200	Trust: 0.6
title:	Cisco: Cisco Webex Network Recording Player and Cisco Webex Player Arbitrary Code Execution Vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-webex-nbr-NOS6FQ24	Trust: 0.1
title:	-	url:	https://github.com/ExpLangcn/FuYao-Go	Trust: 0.1

sources: ZDI: ZDI-20-1362 // VULMON: CVE-2020-3573 // JVNDB: JVNDB-2020-013362 // CNNVD: CNNVD-202011-342

EXTERNAL IDS

db:	NVD	id:	CVE-2020-3573	Trust: 3.3
db:	ZDI	id:	ZDI-20-1362	Trust: 2.4
db:	JVNDB	id:	JVNDB-2020-013362	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-11176	Trust: 0.7
db:	CNNVD	id:	CNNVD-202011-342	Trust: 0.7
db:	AUSCERT	id:	ESB-2020.3855	Trust: 0.6
db:	VULHUB	id:	VHN-181698	Trust: 0.1
db:	VULMON	id:	CVE-2020-3573	Trust: 0.1

sources: ZDI: ZDI-20-1362 // VULHUB: VHN-181698 // VULMON: CVE-2020-3573 // JVNDB: JVNDB-2020-013362 // CNNVD: CNNVD-202011-342 // NVD: CVE-2020-3573

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-webex-nbr-nos6fq24	Trust: 3.0
url:	https://www.zerodayinitiative.com/advisories/zdi-20-1362/	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2020-3573	Trust: 1.4
url:	https://www.auscert.org.au/bulletins/esb-2020.3855/	Trust: 0.6

sources: ZDI: ZDI-20-1362 // VULHUB: VHN-181698 // JVNDB: JVNDB-2020-013362 // CNNVD: CNNVD-202011-342 // NVD: CVE-2020-3573

CREDITS

Francis Provencher {PRL}

Trust: 0.7

sources: ZDI: ZDI-20-1362

SOURCES

db:	ZDI	id:	ZDI-20-1362
db:	VULHUB	id:	VHN-181698
db:	VULMON	id:	CVE-2020-3573
db:	JVNDB	id:	JVNDB-2020-013362
db:	CNNVD	id:	CNNVD-202011-342
db:	NVD	id:	CVE-2020-3573

LAST UPDATE DATE

2024-11-23T22:37:11.959000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-20-1362	date:	2020-11-10T00:00:00
db:	VULHUB	id:	VHN-181698	date:	2021-10-19T00:00:00
db:	VULMON	id:	CVE-2020-3573	date:	2021-10-19T00:00:00
db:	JVNDB	id:	JVNDB-2020-013362	date:	2021-06-28T08:08:00
db:	CNNVD	id:	CNNVD-202011-342	date:	2021-10-20T00:00:00
db:	NVD	id:	CVE-2020-3573	date:	2024-11-21T05:31:20.473

SOURCES RELEASE DATE

db:	ZDI	id:	ZDI-20-1362	date:	2020-11-10T00:00:00
db:	VULHUB	id:	VHN-181698	date:	2020-11-06T00:00:00
db:	VULMON	id:	CVE-2020-3573	date:	2020-11-06T00:00:00
db:	JVNDB	id:	JVNDB-2020-013362	date:	2021-06-28T00:00:00
db:	CNNVD	id:	CNNVD-202011-342	date:	2020-11-04T00:00:00
db:	NVD	id:	CVE-2020-3573	date:	2020-11-06T19:15:14.750