1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Cisco patches permission hijacking issue in WebEx Meetings app for Android

Discussion in 'CSO' started by RSS, Dec 2, 2015.

  1. RSS

    RSS New Member Member

    Cisco has fixed a vulnerability in its WebEx Meetings application for Android that allowed potentially rogue applications to hijack its permissions.

    The issue, which affected all versions of the app older than 8.5.1, stemmed from the way custom application permissions were implemented and assigned at initialization time.

    In addition to the default permissions defined by the OS, applications can declare and request custom permissions, a feature that the Android developers recommend be used only if absolutely necessary. It is also possible for apps to request to use custom permissions declared by another application.

    To read this article in full or to leave a comment, please click here

    Continue reading...

Share This Page