On Feb. 5, Cisco let customers know right away that there were vulnerabilities in its Discovery Protocol implementation of several products, and provided software fix information and mitigations for these vulnerabilities.

The upside is these vulnerabilities can’t be exploited via the internet—bad actors must have access to the local network which, unfortunately, can only be done using a compromised IoT device.

Vulnerable Devices

Video Surveillance 8000 Series IP Cameras (CVE-2020-3110) are vulnerable to a heap overflow, enabling attackers to reach remote code execution.

VoIP Phones (CVE-2020-3111) are vulnerable to a stack overflow which can be triggered anywhere in the local network, and is not limited to malicious CDP packets sent directly from within the access switch.

IOS XR Software Devices (CVE-2020-3118) are vulnerable to improper validation of string input from certain fields within a CDP message that could lead to a stack overflow, giving a bad actor full control over the target router to traverse between network segments and use the router for subsequent attacks.

NX-OS Software Devices (CVE-2020-3119) are vulnerable to stack buffer overflow, enabling criminals to gain full control over the switch and the network infrastructure, breaking segmentation, and allowing for hopping between VLANs.

IOS XR (CVE-2020-3118), NX-OS (CVE-2020-3119), and FXOS Software Devices (CVE-2020-3120) are vulnerable to a resource exhaustion denial-of-service condition, causing the CDP process to crash repeatedly, disrupting target networks.

Know Your Vulnerabilities

First, immediately update your Cisco software.

Next, it’s important to know the gaps in your security and be able to resolve any vulnerabilities before they’re exploited. BlackHawk Data can help optimize your network and security with a Security Audit Assessment.

Utilizing a holistic approach, we take a look at your entire infrastructure to weed out any vulnerabilities. We’ll provide you with an actionable plan and expert engineers to help you strengthen your security posture so you can have peace of mind that you’re protected.

You can’t stop all attacks or even mitigate all vulnerabilities but BlackHawk Data can help you get ahead of 99% of them.

Recent Posts

Fueling the Economy Through Diversity

Fueling the Economy Through Diversity

BlackHawk Data recently received several diversity-promoting certifications, enabling us to further expand our services to public and private sector clients, and be a key player in fueling the economy. For those that don’t know, this is big news.The rise of...

Modest Beginnings and Bold Results

Modest Beginnings and Bold Results

Like most entrepreneurs, Maryann Pagano and Jason Caparoso looked forward to when they could take their years of technology experience and turn it into their dream of having their own company. It was a pretty big leap since: Statistics say that most start-ups fail...