Researchers find five major vulnerabilities in Cisco Discovery Protocol

Cisco has patched a number of major security vulnerabilities in the way the Cisco Discovery Protocol (CDP) works on Cisco equipment. The CDP vulnerabilities allowed attackers to take over devices on corporate networks by bypassing segmentation.

There are five security vulnerabilities in total, found by security company Armis. Four of the five allow remote code execution; the remaining one can be used to perform a denial-of-service attack on the network. The vulnerabilities are in the way devices implement the Cisco Discovery Protocol, which runs on a large number of Cisco devices but is mainly used in the business world. CDP allows network administrators to find other Cisco devices on the network and retrieve information from connected devices. It is a discovery protocol that sends and receives discovery packets on network ports at layer 2. The protocol runs not only on routers and switches, but also on IP telephones and VMware machines with, for example, virtual switches. The researchers have put a page online listing all vulnerable devices.

Attackers who exploit the vulnerabilities can do a lot on the network. For example, they can watch and listen in on telephone and video calls, and capture information that is sent over the network. It is also possible to bypass network segmentation and to perform man-in-the-middle attacks. The researchers have released several proofs of concept showing how, for example, they can take over a network switch or crash a phone.

The researchers call the set of vulnerabilities CDPwn. Five CVEs were created for it: CVE-2020-3120, CVE-2020-3119, CVE-2020-3118, CVE-2020-3111, and CVE-2020-2110. The researchers reported their findings to Cisco as early as August 2019. The two companies worked together on a fix, and the news has now been made public. According to the discoverers, the research is quite unique and important. “Until now, Layer 2 protocols have been little explored, while they are an integral part of networks,” said Ben Seri of Armis.

Update, Wednesday 12 February: The description of CDP has been modified based on Yordi’s response and Yariva’s topic.