WebExec is a vulnerability in, as the name implies, Cisco’s WebEx client software. This is a pretty unique vulnerability, because it’s a remote vulnerability in a client application that doesn’t even listen on a port. The summary is: when the WebEx client is installed, it also installs a Windows service called WebExService that can execute arbitrary commands at SYSTEM-level privilege. Due to poor ACLs, any local or domain user can start the process over Window’s remote service interface (except on Windows 10, which requires an administrator login).