‘Severe’ Cisco WebEx flaw grants hackers access to meeting data
The memory leakage vulnerability has been patched, with Cisco urging users to update their clients immediately
Cisco has patched a dangerous flaw that allows a hacker to access victims’ accounts from another machine in order to see all meetings, individuals invited, meeting passwords and past meeting records.
The shared memory information leakage vulnerability, found in the Cisco WebEx Meetings desktop app for Windows, allows an authenticated attacker to gain access to sensitive information either locally, or by running a malicious programme.
Assigned CVE-2020-3347, the exploitation is based on the unsafe usage of shared memory used by the video conferencing platform’s desktop client, according to Trustwave researchers, who discovered the flaw.
Once the WebEx Meetings application is installed, it adds an application to the tray that starts up automatically once the user logs on. If the user has configured the client to log on automatically too, which by default it does, several memory-mapping files open, with some unprotected from opening for reading and writing.
An attacker with permissions to view system memory could exploit this vulnerability by running an application that’s designed to read shared memory. The hacker can loop over sessions and try to open, read and save content for future examination.
Successful exploitation could give the hacker the power to retrieve sensitive information through this mechanism, including usernames, meeting information, as well as authentication tokens that can be used in future attacks.
“Due to the global pandemic of COVID-19, there’s been an explosion of video conferencing and messaging software usage to help people transition their work-life to a work from home environment,” said Trustwave security research manager Martin Rakhmanov.
Sign up today and you will receive a free copy of our Future Focus 2026 report - the leading resource for IT decision-maker insight on priorities and investment areas in AI, security and more.
RELATED RESOURCE
Putting a spotlight on cyber security
An examination of the current cyber security landscape
“Vulnerabilities in this type of software now present an even greater risk to its users. Cisco WebEx is one of the most popular video conferencing solutions available, so I decided to turn my research skills to see how secure the platform is.
“In an attack scenario, any malicious local user or malicious process running on a computer where WebEx Client for Windows is installed can monitor the memory-mapped file for a login token. Once found the token, like any leaked credentials, can be transmitted somewhere so that it can be used to login to the WebEx account in question, download Recordings, view/edit Meetings, etc.”
Cisco has released a software update addressing this vulnerability, urging users to update their Cisco Webex Meetings software to version 40.6.0 and higher. The “relatively severe” flaw affected versions of the platform released earlier than this, with Rakhmanov testing the exploitation on version 40.4.12.8.

Keumars Afifi-Sabet is a writer and editor that specialises in public sector, cyber security, and cloud computing. He first joined ITPro as a staff writer in April 2018 and eventually became its Features Editor. Although a regular contributor to other tech sites in the past, these days you will find Keumars on LiveScience, where he runs its Technology section.
-
Nissan employee data exposed in Oracle PeopleSoft zero-day attacksNews The car manufacturer has urged current and former employees to change banking passwords and remain vigilant for phishing emails
-
Why Apple is speeding up software patchingNews Apple is speeding up its software patching processes amid rising concerns that AI is helping hackers to spot and exploit flaws at a far quicker pace.
-
OpenAI expands 'Daybreak' cyber program: New tools, partnerships, and a cyber-focused GPT-5.5 aim to help 'patch the world'News The company has added new tools, signed up partners, and released its GPT-5.5-Cyber model more widely
-
AI is shrinking attack windows, and it’s forcing a complete rethink of cyber resilience – here’s how organizations can prepareNews Commvault has urged companies to improve their business continuity and resilience plans in the face of flaws spotted by AI
-
Anthropic targets vulnerability detection gains with Claude Security public beta — here's what users can expectNews The Claude Mythos developer is aiming for a more limited approach to cyber tooling for public consumption
-
Researchers warn millions of RDP and VNC servers are wide open to exploitationNews Researchers at Forescout spotted millions of RDP and VNC servers exposed online
-
Brace yourselves for a vulnerability explosion, Forescout warnsNews AI advances are helping identify software flaws at record pace and scale, but that's not the good news some would think
-
Ubuntu vulnerability exposes enterprises to root escalation, complete system compromiseNews The high-severity Ubuntu vulnerability allows an unprivileged local attacker to escalate privileges through the interaction of two standard system components
-
Security agencies issue warning over critical Cisco Catalyst SD-WAN vulnerabilityNews Threat actors have been exploiting the vulnerability to achieve root access since 2023
-
Millions of developers could be impacted by flaws in Visual Studio Code extensions – here's what you need to know and how to protect yourselfNews The VS Code vulnerabilities highlight broader IDE security risks, said OX Security