Security News > 2020 > February > Critical Cisco ‘CDPwn’ Flaws Break Network Segmentation
Cisco is issuing patches for five critical vulnerabilities that have been discovered in Cisco Discovery Protocol, the info-sharing layer that maps all Cisco equipment on a network.
CDP is a Cisco proprietary Layer 2 network protocol that is used to discover information about locally attached Cisco equipment.
CDP aids in mapping the presence of other Cisco products in the network and is implemented in virtually all Cisco products - including switches, routers, IP phones and IP cameras.
A Cisco spokesperson told Threatpost that Cisco is not aware of any "Malicious uses" of the flaws in the wild.
After compromising a vulnerable Cisco device, an attacker could then send a maliciously crafted CDP packet to another Cisco device located inside the network.
News URL
https://threatpost.com/critical-cisco-cdpwn-flaws-network-segmentation/152546/
Related news
- CISA Warns of Critical Fortinet Flaw as Palo Alto and Cisco Issue Urgent Security Patches (source)
- Cisco Releases Patch for Critical URWB Vulnerability in Industrial Wireless Systems (source)
- Critical vulnerability in Cisco industrial wireless access points fixed (CVE-2024-20418) (source)
- Cisco scores a perfect CVSS 10 with critical flaw in its wireless system (source)