Vulnerability cyber

Cisco

Mar 5, 2025 1 min read
Cisco

A vulnerability in Cisco Webex for BroadWorks Release 45.2 allowed remote attackers to intercept sensitive credentials and user data during SIP communications that were not encrypted. Attackers could capture usernames, passwords, and session tokens via man-in-the-middle attacks, potentially leading to lateral movement or impersonation. Although Cisco automatically updated configurations to enforce TLS/SRTP encryption, impacted Windows server deployments require application restarts and encryption audits to mitigate the breach.

Source: https://cybersecuritynews.com/cisco-webex-broadworks-vulnerability/

"id": "cis409030525",
"linkid": "cisco",
"type": "Vulnerability",
"date": "3/2025",
"severity": "85",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.