CVE-2020-27133

high-risk
Published 2020-12-11

Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS, and Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system (OS) with elevated privileges or gain access to sensitive information. For more information about these vulnerabilities, see the Details section of this advisory.

Do I need to act?

-
0.44% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
9
CVSS 9.9/10 Critical
NETWORK / LOW complexity

Affected Products (12)

Jabber For Mobile Platforms
Jabber For Mobile Platforms
Jabber For Mobile Platforms
Jabber For Mobile Platforms

Affected Vendors

Cisco

References (2)

Vendor Advisory https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-j...
Vendor Advisory https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-j...
52
/ 100
high-risk
Severity 33/34 · Critical
Exploitability 2/34 · Minimal
Exposure 17/34 · Moderate