Cisco has patched a high-severity flaw once again in its Webex video conferencing platform. The privilege elevation vulnerability (CVE-2019-1674) exists in the update service of Cisco Webex Meetings Desktop App for Windows. Cisco had first patched the initial privilege-escalation vulnerability in October, and then again when researchers with SecureAuth bypassed that patch in November. An unprivileged local attacker could exploit this vulnerability by invoking the update. This will allow an unauthenticated attacker to gain SYSTEM user privileges and run arbitrary commands.
Source: https://threatpost.com/cisco-patches-high-severity-webex-vulnerability-for-third-time/142243/