Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

cdpwn – Millions of devices at risk due to flaws in implementations of Cisco Discovery Protocol (CDP)

A set of vulnerabilities in the Cisco Discovery Protocol (CDP) exposes tens of millions of devices to the risk of cyber attacks. Researchers at IoT security firm Armis discovered a set of five serious vulnerabilities in the implementation of the Cisco Discovery Protocol (CDP) protocol. The experts tracked the set as CDPwn and warned that the […]

cdp cdpwn flaws

A set of vulnerabilities in the Cisco Discovery Protocol (CDP) exposes tens of millions of devices to the risk of cyber attacks.

Researchers at IoT security firm Armis discovered a set of five serious vulnerabilities in the implementation of the Cisco Discovery Protocol (CDP) protocol. The experts tracked the set as CDPwn and warned that the issues could be exploited by attackers to take complete control of vulnerable devices.

Armis has discovered five critical, zero-day vulnerabilities in various implementations of the Cisco Discovery Protocol (CDP) that can allow remote attackers to completely take over devices  without any user interaction. CDP is a Cisco proprietary Layer 2 (Data Link Layer) network protocol that is used to discover information about locally attached Cisco equipment.” reads the advisory published by Armis. “CDP is implemented in virtually all Cisco products including switches, routers, IP phones and cameras. All those devices ship from the factory with CDP enabled by default. The CERT Coordination Center has also issued an advisory.”

Cisco Discovery Protocol (CDP) is a proprietary Data Link Layer protocol developed by Cisco Systems in 1994 that is used to share information about other directly connected Cisco equipment, including the operating system version and IP address.

The protocol is used by Cisco network equipment (switches, routers), IP phones, and cameras.

Four vulnerabilities of the CDPwn set are remote code execution (RCE) vulnerabilities, the other one is a Denial of Service (DoS) flaw. An attacker could exploit the flaws only once it has gained access to the target network, then he would send specially crafted CDP packets to the targeted device.

An attacker could exploit the RCE vulnerabilities to break the network segmentation, to exfiltrate corporate network traffic traversing through an organization’s switches and routers, to gain access to additional devices by leveraging man-in-the-middle attacks by intercepting and altering traffic on the corporate switch, to exfiltrate sensitive information such as phone calls from devices like IP phones and video feeds from IP cameras

The code execution vulnerabilities affect the NX-OS, IOS XR, IP phone, and IP camera implementations, while the DoS flaw impact the FXOS, IOS XR and NX-OS implementations of CDP.

Armis researchers presented several attack scenarios, such as breaking of network segmentation, data exfiltration from devices like IP phones and cameras

cdp cdpwn flaws

Cisco has published security dvisories and released patches to address the issues. The flaws were tracked as CVE-2020-3120, CVE-2020-3119, CVE-2020-3118, CVE-2020-3111 and CVE-2020-3110 an received a high severity rating.

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – cdpwn cdp flaws, hacking)

[adrotate banner=”5″]

[adrotate banner=”13″]