CVE-2017-3823 : Security Advisory and Response

Learn about CVE-2017-3823 affecting Cisco WebEx browser extensions, allowing remote code execution. Find mitigation steps and updates to secure your system.

A vulnerability has been found in the Cisco WebEx Extension, ActiveTouch General Plugin Container, GpcContainer Class ActiveX control plugin, and Download Manager ActiveX control plugin, allowing remote code execution on affected systems.

Understanding CVE-2017-3823

What is CVE-2017-3823?

This vulnerability affects the browser extensions for Cisco WebEx Meetings Server and Cisco WebEx Centers on Microsoft Windows, enabling an attacker to execute arbitrary code using the browser's privileges.

The Impact of CVE-2017-3823

The vulnerability stems from a design flaw in an API response parser within the extension, allowing attackers to run code with the same privileges as the affected browser.

Technical Details of CVE-2017-3823

Vulnerability Description

The issue affects Cisco WebEx Extension, ActiveTouch General Plugin Container, GpcContainer Class ActiveX control plugin, and Download Manager ActiveX control plugin, potentially leading to remote code execution.

Affected Systems and Versions

        Cisco WebEx browser extensions before 1.0.7 on Google Chrome
        ActiveTouch General Plugin Container before 106 on Mozilla Firefox
        GpcContainer Class ActiveX control plugin before 10031.6.2017.0126 on Internet Explorer
        Download Manager ActiveX control plugin before 2.1.0.10 on Internet Explorer
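
A version check for triaging a software inventory against the first-fixed versions listed above. This is an added example, not code from Cisco or from this advisory; the inventory row layout, host names and component labels are assumptions, and the sample rows are constructed.

```python
# Added example. First-fixed versions come from the list above; everything else is assumed.
FIXED = {
    ("chrome", "Cisco WebEx Extension"): "1.0.7",
    ("firefox", "ActiveTouch General Plugin Container"): "106",
    ("internet explorer", "GpcContainer Class"): "10031.6.2017.0126",
    ("internet explorer", "Download Manager"): "2.1.0.10",
}

# Constructed sample rows: (host, browser, component, installed version).
SAMPLE_INVENTORY = [
    ("ws-01", "Chrome", "Cisco WebEx Extension", "1.0.5"),
    ("ws-02", "Chrome", "Cisco WebEx Extension", "1.0.10"),
    ("ws-03", "Internet Explorer", "Download Manager", "2.1.0.9"),
    ("ws-04", "Firefox", "ActiveTouch General Plugin Container", "106"),
    ("ws-05", "Internet Explorer", "GpcContainer Class", "unknown"),
]


def parse_version(text):
    """Turn '10031.6.2017.0126' into (10031, 6, 2017, 126); reject anything non-numeric."""
    parts = text.strip().split(".")
    if not all(p.isdigit() for p in parts):
        raise ValueError(f"unparseable version: {text!r}")
    return tuple(int(p) for p in parts)


def is_vulnerable(installed, fixed):
    """True when installed < fixed, comparing numerically and zero-padding short versions."""
    a, b = parse_version(installed), parse_version(fixed)
    width = max(len(a), len(b))
    return a + (0,) * (width - len(a)) < b + (0,) * (width - len(b))


def triage(inventory):
    """Return (host, component, version, status) for rows that name an affected component."""
    results = []
    for host, browser, component, version in inventory:
        fixed = FIXED.get((browser.lower(), component))
        if fixed is None:
            continue  # not one of the four components in this advisory
        try:
            status = "VULNERABLE" if is_vulnerable(version, fixed) else "ok"
        except ValueError:
            status = "CHECK MANUALLY"  # never treat an unreadable version as patched
        results.append((host, component, version, status))
    return results


if __name__ == "__main__":
    for row in triage(SAMPLE_INVENTORY):
        print(*row, sep="\t")
```

Versions are compared field by field as integers, so 1.0.10 is correctly treated as newer than 1.0.7 and the leading zero in 0126 does not affect the result.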

Exploitation Mechanism

        Attackers can exploit the vulnerability by convincing users to visit malicious websites or click on malicious links using affected browsers.

Mitigation and Prevention

Immediate Steps to Take

        Update the affected browser extensions to the latest versions
        Exercise caution when clicking on links or visiting websites

Long-Term Security Practices

        Regularly update software and extensions
        Implement security awareness training for users

Patching and Updates

        Apply patches provided by Cisco to address the vulnerability
