High Severity Cisco Discovery Protocol Vulnerabilities (CVE-2020-3110,
6 February 2020
Background
Cisco has released security updates to address several Cisco Discovery Protocol vulnerabilities found in its products.
Five high-severity vulnerabilities were identified and require immediate attention. These are:
CVE-2020-3110 & CVE-2020-3111 - These vulnerabilities are due to missing checks when processing Cisco Discovery Protocol messages.
CVE-2020-3118 - The vulnerability is due to improper validation of string input from certain fields in Cisco Discovery Protocol messages.
CVE-2020-3119 - The vulnerability exists because the Cisco Discovery Protocol parser does not properly validate input for certain fields in a Cisco Discovery Protocol message.
CVE-2020-3120 - The vulnerability is due to a missing check when the affected software processes Cisco Discovery Protocol messages.
Affected Products
CVE-2020-3110 - Affected IP cameras can be found at https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-ipcameras-rce-dos .
CVE-2020-3111 - Affected VoIP phones can be found at https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-voip-phones-rce-dos .
CVE-2020-3118 - Affected networking products can be found at https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-iosxr-cdp-rce .
CVE-2020-3119 - Affected networking products can be found at https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-nxos-cdp-rce .
CVE-2020-3120 - Affected networking products can be found at https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-fxnxos-iosxr-cdp-dos .
Impact
Successful exploitation of these vulnerabilities could allow an attacker on a local network to cause a denial of service or allow a remote attacker to execute code by sending a malicious unauthenticated CDP packet to the affected device.
Specifically, the successful exploitation of CVE-2020-3120 could allow an attacker on a local network to cause a denial of service by rebooting the affected device running CDP.
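For teams monitoring layer 2 while patches roll out, the following added example (not part of this alert and not Cisco code) checks captured Ethernet frames for CDP messages whose type-length-value fields are structurally inconsistent. The frame layout it assumes (CDP multicast address, LLC/SNAP header, 4-byte CDP header, TLVs whose length includes their own 4-byte header) is the publicly documented CDP framing, not something taken from this alert, and the check does not model the specific flaws behind the CVEs above.

```python
import struct

CDP_MAC = bytes.fromhex("01000ccccccc")        # CDP multicast destination
CDP_SNAP = bytes.fromhex("aaaa0300000c2000")   # LLC/SNAP, Cisco OUI, PID 0x2000

def check_cdp_frame(frame: bytes) -> list:
    """Return structural problems in one Ethernet frame; [] means clean or not CDP."""
    # 802.3 frame: dst(6) src(6) length(2) LLC/SNAP(8), then the CDP payload
    if len(frame) < 22 or frame[:6] != CDP_MAC or frame[14:22] != CDP_SNAP:
        return []
    payload = frame[22:]
    if len(payload) < 4:
        return ["CDP header truncated"]
    version, _ttl, _checksum = struct.unpack("!BBH", payload[:4])
    problems = []
    if version not in (1, 2):
        problems.append(f"unexpected CDP version {version}")
    offset = 4
    while offset < len(payload):
        if len(payload) - offset < 4:
            problems.append(f"truncated TLV header at offset {offset}")
            break
        tlv_type, tlv_len = struct.unpack("!HH", payload[offset:offset + 4])
        # The length field covers the 4-byte type/length header plus the value.
        if tlv_len < 4:
            problems.append(f"TLV 0x{tlv_type:04x} length {tlv_len} is below the 4-byte header")
            break
        if offset + tlv_len > len(payload):
            problems.append(f"TLV 0x{tlv_type:04x} length {tlv_len} overruns the frame")
            break
        offset += tlv_len
    return problems

def build_frame(tlvs: bytes) -> bytes:
    """Constructed sample: wrap TLV bytes in Ethernet + LLC/SNAP + CDP v2 header."""
    payload = struct.pack("!BBH", 2, 180, 0) + tlvs
    src = bytes.fromhex("020000000001")        # constructed, locally administered MAC
    return CDP_MAC + src + struct.pack("!H", 8 + len(payload)) + CDP_SNAP + payload

# Constructed samples: one well-formed Device ID TLV (type 0x0001), two inconsistent ones.
GOOD = build_frame(struct.pack("!HH", 0x0001, 4 + 6) + b"sw-lab")
OVERRUN = build_frame(struct.pack("!HH", 0x0001, 200) + b"sw-lab")
SHORT = build_frame(struct.pack("!HH", 0x0001, 2))

if __name__ == "__main__":
    for name, frame in (("good", GOOD), ("overrun", OVERRUN), ("short", SHORT)):
        print(name, check_cdp_frame(frame) or "ok")
```

A non-empty result is a reason to inspect the sending port, not proof of an exploitation attempt.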
Recommendations
Users and system administrators of the affected products are advised to install the latest security updates immediately.
More details on the security alerts can be found at https://tools.cisco.com/security/center/publicationListing.x?product=Cisco&sort=-day_sir#~Vulnerabilities
References
https://www.zdnet.com/article/cdpwn-vulnerabilities-impact-tens-of-millions-of-enterprise-devices/