Jabber Bug Could Let Hackers Target Windows Systems Remotely
By MYBRANDBOOK
Networking equipment leader Cisco has released a new version of its Jabber video conferencing and messaging app for Windows that includes patches for multiple vulnerabilities—which, if exploited, could allow an authenticated, remote attacker to execute arbitrary code.
The flaws, which were uncovered by Norwegian cybersecurity firm Watchcom during a pentest, affect all currently supported. Two of the four flaws can be exploited to gain remote code execution (RCE) on target systems by sending specially crafted chat messages in group conversations or specific individuals.
The most severe of the lot is a flaw (CVE-2020-3495, CVSS score 9.9) that's caused by improper validation of message contents, which could be leveraged by an attacker by sending maliciously-crafted Extensible Messaging and Presence Protocol (XMPP) messages to the affected software. The development comes days after Cisco warned of an actively exploited zero-day flaw in its IOS XR router software.
A successful exploit could allow the attacker to cause the application to execute arbitrary programs on the targeted system with the privileges of the user account that is running the Cisco Jabber client software, possibly resulting in arbitrary code execution," Cisco said in an advisory published yesterday.
BHIM to join e-commerce, competing with PhonePe and Google Pay
The government-supported payment software BHIM is getting ready to join t...
The latest version of X helps prevent deepfakes on social medi
To combat deepfakes and shallowfakes, Elon Musk revealed a new update t...
India and Namibia collaborate on a payment system similar to U
Once operational, the platform will enable digital transactions in Namibia,...
Sebi issues show-cause notices to six Adani group firms
Sebi issued show-cause notices to six Adani Group firms, including Adani ...
DELL TECHNOLOGIES INDIA PVT. LTD.
SAFE SECURITY SERVICES PVT. LTD.
MICROTEK INTERNATIONAL PVT. LTD.
TP-LINK INDIA PVT LTD.
Technology Icons Of India 2023: Ashish Kumar Chauhan
Ashish works as the CEO of the National Stock Exchange (NSE). He is al...
Technology Icons Of India 2023: Ajit Balakrishnan
The Company markets specific channels, community features, local langu...
Technology Icons Of India 2023: Bhavish Aggarwal
Ola CEO Bhavish Aggarwal had formed Ola-India’s largest mobility pla...
STPI encouraging software exports from India
Software Technology Parks of India (STPI) is an S&T organization under...
BSE provides highly secure, efficient and transparent market for trading
BSE (formerly known as Bombay Stock Exchange Ltd.) is Asia's first & t...
ITI Limited widening its focus area
ITI Limited is a public sector undertaking company, has manufacturing ...
BEETEL TELETECH LTD.
: Beetel is one of the oldest and most reputed brands in the Industry,...
WPG C&C COMPUTERS & PERIPHERALS PVT. LTD.
WPG C&C Computers & Peripherals (India) was incorporated in 2008 and ...
R P TECH INDIA
R P Tech is recognized for its diverse products portfolio, value-add...