On Feb. 5, Cisco let customers know right away that there were vulnerabilities in the Cisco Discovery Protocol (CDP) implementation of several of its products, and provided software fix information and mitigations for these vulnerabilities.
The upside is that these vulnerabilities can't be exploited via the internet: bad actors must have access to the local network, which, unfortunately, can only be done using a compromised IoT device.
Video Surveillance 8000 Series IP Cameras (CVE-2020-3110) are vulnerable to a heap overflow, enabling attackers to reach remote code execution.
VoIP Phones (CVE-2020-3111) are vulnerable to a stack overflow that can be triggered from anywhere in the local network and is not limited to malicious CDP packets sent directly from within the access switch.
IOS XR Software Devices (CVE-2020-3118) are vulnerable to improper validation of string input from certain fields within a CDP message that could lead to a stack overflow, giving a bad actor full control over the target router to traverse between network segments and use the router for subsequent attacks.
NX-OS Software Devices (CVE-2020-3119) are vulnerable to a stack buffer overflow, enabling criminals to gain full control over the switch and the network infrastructure, breaking segmentation and allowing for hopping between VLANs.
IOS XR (CVE-2020-3118), NX-OS (CVE-2020-3119), and FXOS Software Devices (CVE-2020-3120) are vulnerable to a resource exhaustion denial-of-service condition, causing the CDP process to crash repeatedly, disrupting target networks.
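The IOS XR entry above attributes the overflow to improper validation of string input from fields within a CDP message. The following C code is an added example, not Cisco's code and not taken from the advisories, showing bounds-checked extraction of one string field (the Device ID TLV) from a CDP payload. The function name, buffer sizes and sample bytes are constructed for illustration; the layout assumed is a 4-byte CDP header followed by TLVs with a 16-bit type and a 16-bit length that includes the TLV header.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define CDP_HDR_LEN   4       /* version, TTL, 16-bit checksum */
#define TLV_HDR_LEN   4       /* 16-bit type + 16-bit length (length counts this header) */
#define TLV_DEVICE_ID 0x0001

/* Constructed samples: CDP v2, TTL 180, checksum left as zero (not verified here). */
static const uint8_t sample_ok[]  = {0x02,0xb4,0x00,0x00, 0x00,0x01,0x00,0x07, 's','w','1'};
/* Same frame, but the TLV length field claims 256 bytes that are not in the frame. */
static const uint8_t sample_bad[] = {0x02,0xb4,0x00,0x00, 0x00,0x01,0x01,0x00, 's','w','1'};

/* Copy the Device ID string into out, NUL-terminated.
 * Returns its length, or -1 if the payload is malformed or the value does not fit. */
int cdp_device_id(const uint8_t *pkt, size_t pkt_len, char *out, size_t out_sz)
{
    if (!pkt || !out || out_sz == 0 || pkt_len < CDP_HDR_LEN)
        return -1;
    size_t off = CDP_HDR_LEN;
    while (pkt_len - off >= TLV_HDR_LEN) {
        uint16_t type = (uint16_t)((pkt[off] << 8) | pkt[off + 1]);
        size_t len = (size_t)((pkt[off + 2] << 8) | pkt[off + 3]);
        /* The length must cover its own header and stay inside the frame. */
        if (len < TLV_HDR_LEN || len > pkt_len - off)
            return -1;
        if (type == TLV_DEVICE_ID) {
            const uint8_t *val = pkt + off + TLV_HDR_LEN;
            size_t vlen = len - TLV_HDR_LEN;
            /* Copying without this check is how an oversized field overruns a fixed buffer. */
            if (vlen >= out_sz || memchr(val, 0, vlen))
                return -1;  /* too long, or embedded NUL that would confuse strlen users */
            memcpy(out, val, vlen);
            out[vlen] = '\0';
            return (int)vlen;
        }
        off += len;
    }
    return -1;  /* no Device ID TLV found */
}

int main(void)
{
    char id[16];
    printf("ok:  %d\n", cdp_device_id(sample_ok, sizeof sample_ok, id, sizeof id));
    printf("bad: %d\n", cdp_device_id(sample_bad, sizeof sample_bad, id, sizeof id));
    return 0;
}
```

The parser rejects a bad field outright rather than truncating it, so a malformed neighbor advertisement never reaches code that assumes a well-formed string.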
Know Your Vulnerabilities
First, immediately update your Cisco software.
Next, it’s important to know the gaps in your security and be able to resolve any vulnerabilities before they’re exploited. BlackHawk Data can help optimize your network and security with a Security Audit Assessment.
Utilizing a holistic approach, we take a look at your entire infrastructure to weed out any vulnerabilities. We’ll provide you with an actionable plan and expert engineers to help you strengthen your security posture so you can have peace of mind that you’re protected.
You can’t stop all attacks or even mitigate all vulnerabilities, but BlackHawk Data can help you get ahead of 99% of them.