This vulnerability is due to improper validation of messages processed by the Cisco Webex Meetings Desktop App. A local attacker with limited privileges could exploit this vulnerability by sending malicious messages to the affected software by using the virtualization channel interface. A successful exploit could allow the attacker to modify the underlying operating system configuration, which could allow the attacker to execute arbitrary code with the privileges of a targeted user.
Arbitrary Code Execution
Cisco Webex Meetings Virtual Desktop Software for Windows
Refer to Cisco advisory for the complete list of affected products and their respective patches.