// For flags

CVE-2020-3535

Cisco Webex Teams Client for Windows DLL Hijacking Vulnerability

Severity Score

8.4
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

Track*
*SSVC
Descriptions

A vulnerability in the loading mechanism of specific DLLs in the Cisco Webex Teams client for Windows could allow an authenticated, local attacker to load a malicious library. To exploit this vulnerability, the attacker needs valid credentials on the Windows system. The vulnerability is due to incorrect handling of directory paths at run time. An attacker could exploit this vulnerability by placing a malicious DLL file in a specific location on the targeted system. This file will execute when the vulnerable application launches. A successful exploit could allow the attacker to execute arbitrary code on the targeted system with the privileges of another user’s account.

Una vulnerabilidad en el mecanismo de carga de archivos DLL específicos en el cliente Cisco Webex Teams para Windows, podría permitir a un atacante local autenticado cargar una biblioteca maliciosa. Para explotar esta vulnerabilidad, el atacante necesita credenciales válidas en el sistema Windows. La vulnerabilidad es debido al manejo incorrecto de las rutas de directorio en tiempo de ejecución. Un atacante podría explotar esta vulnerabilidad mediante la colocación un archivo DLL malicioso en una ubicación específica del sistema de destino. Este archivo se ejecutará cuando se inicie la aplicación vulnerable. Una explotación con éxito podría permitir al atacante ejecutar código arbitrario en el sistema objetivo con los privilegios de otra cuenta user’s

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Local
Attack Complexity
Low
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:Track*
Exploitation
None
Automatable
No
Tech. Impact
Total
* Organization's Worst-case Scenario
Timeline
  • 2019-12-12 CVE Reserved
  • 2020-10-08 CVE Published
  • 2023-09-14 EPSS Updated
  • 2024-11-13 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-427: Uncontrolled Search Path Element
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Cisco
Search vendor "Cisco"
Webex Teams
Search vendor "Cisco" for product "Webex Teams"
>= 3.0.13464.0 <= 3.0.16040.0
Search vendor "Cisco" for product "Webex Teams" and version " >= 3.0.13464.0 <= 3.0.16040.0"
windows
Affected