Security News > 2020 > February > Critical Cisco ‘CDPwn’ Flaws Break Network Segmentation

Critical Cisco ‘CDPwn’ Flaws Break Network Segmentation
2020-02-05 16:00

Cisco is issuing patches for five critical vulnerabilities that have been discovered in Cisco Discovery Protocol, the info-sharing layer that maps all Cisco equipment on a network.

CDP is a Cisco proprietary Layer 2 network protocol that is used to discover information about locally attached Cisco equipment.

CDP aids in mapping the presence of other Cisco products in the network and is implemented in virtually all Cisco products - including switches, routers, IP phones and IP cameras.

A Cisco spokesperson told Threatpost that Cisco is not aware of any "Malicious uses" of the flaws in the wild.

After compromising a vulnerable Cisco device, an attacker could then send a maliciously crafted CDP packet to another Cisco device located inside the network.


News URL

https://threatpost.com/critical-cisco-cdpwn-flaws-network-segmentation/152546/

Related news

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Cisco 4448 233 3131 1876 610 5850