
Cisco has issued an important security advisory addressing a high-severity vulnerability in its Webex App that could allow unauthenticated remote code execution (RCE) through malicious meeting invite links. The flaw, identified as CVE-2025-20236 and carrying a CVSS score of 8.8, affects multiple versions of the Cisco Webex desktop application.
“A vulnerability in the custom URL parser of Cisco Webex App could allow an unauthenticated, remote attacker to persuade a user to download arbitrary files, which could allow the attacker to execute arbitrary commands on the host of the targeted user,” Cisco stated in its advisory.
The flaw stems from insufficient input validation in the Webex App’s custom URL handling mechanism. By crafting a malicious Webex meeting invite link, an attacker can trick a user into clicking it, triggering the download of arbitrary files to the user’s device.
“A successful exploit could allow the attacker to execute arbitrary commands with the privileges of the targeted user,” Cisco warns.
This means that any user running a vulnerable Webex App version is potentially at risk, regardless of operating system or system configuration.
At the time of publication, Cisco’s Product Security Incident Response Team (PSIRT) has not observed any malicious use or public exploitation of CVE-2025-20236.
Cisco has confirmed the following release status for the Webex App:
- Versions 44.5 and earlier: Not vulnerable
- Version 44.6: Fixed in 44.6.2.30589
- Version 44.7: Must migrate to a fixed release
- Versions 44.8 and later: Not vulnerable
Users are strongly advised to check their application version and update immediately to avoid exploitation.
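To turn the release list above into a repeatable check, here is an added example (not from Cisco's advisory or the article) that classifies installed Webex App versions against the stated fixed release, 44.6.2.30589, and triages a constructed inventory. It assumes version strings are dotted numerics such as "44.6.1.30100"; the hostnames and builds in the sample are made up.

```python
# Added example, not Cisco's code: classify Cisco Webex App versions for
# CVE-2025-20236 using only the release status the advisory lists:
#   44.5 and earlier: not vulnerable   44.6: fixed in 44.6.2.30589
#   44.7: must migrate (no fix)        44.8 and later: not vulnerable
# Assumption: versions are dotted numerics like "44.6.1.30100".

FIXED_44_6 = (44, 6, 2, 30589)  # first fixed build in the 44.6 train


def parse_version(text: str) -> tuple[int, ...]:
    """Turn '44.6.2.30589' into (44, 6, 2, 30589); reject non-numeric parts."""
    parts = text.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a dotted numeric version: {text!r}")
    return tuple(int(p) for p in parts)


def assess(version: str) -> str:
    """Return 'not_vulnerable', 'fixed' or 'vulnerable' for one version string."""
    v = parse_version(version)
    major = v[0]
    minor = v[1] if len(v) > 1 else 0
    train = (major, minor)
    if train < (44, 6) or train >= (44, 8):   # 44.5 and earlier, 44.8 and later
        return "not_vulnerable"
    if train == (44, 7):                       # no fixed build in this train
        return "vulnerable"
    # 44.6 train: compare lexicographically against the first fixed build,
    # padding short strings like "44.6.1" with zeros so they compare as 44.6.1.0.
    padded = v + (0,) * (len(FIXED_44_6) - len(v))
    return "fixed" if padded >= FIXED_44_6 else "vulnerable"


def triage(inventory: list[tuple[str, str]]) -> dict[str, list[str]]:
    """Group (hostname, version) pairs by assessment so vulnerable hosts stand out."""
    groups: dict[str, list[str]] = {"vulnerable": [], "fixed": [], "not_vulnerable": []}
    for host, version in inventory:
        groups[assess(version)].append(host)
    return groups


# Constructed sample inventory; hostnames and builds are invented for illustration.
SAMPLE_INVENTORY = [
    ("ws-01", "44.5.0.30000"),
    ("ws-02", "44.6.1.30100"),
    ("ws-03", "44.6.2.30589"),
    ("ws-04", "44.7.0.30200"),
    ("ws-05", "44.8.0.30300"),
]

if __name__ == "__main__":
    for status, hosts in triage(SAMPLE_INVENTORY).items():
        print(f"{status}: {', '.join(hosts) or '-'}")
```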