High Severity Cisco Discovery Protocol Vulnerabilities (CVE-2020-3110, CVE-2020-3111, CVE-2020-3118, CVE-2020-3119, CVE-2020-3120)

Published on 06 Feb 2020

Updated on 06 Feb 2020

Background

 

Cisco has released security updates to address several Cisco Discovery Protocol vulnerabilities found in its products.

 

Five high-severity vulnerabilities were identified and require immediate attention. These are:

   

CVE-2020-3110 & CVE-2020-3111 – These vulnerabilities are due to missing checks when processing Cisco Discovery Protocol messages.

 

CVE-2020-3118 - The vulnerability is due to improper validation of string input from certain fields in Cisco Discovery Protocol messages.

 

CVE-2020-3119 - The vulnerability exists because the Cisco Discovery Protocol parser does not properly validate input for certain fields in a Cisco Discovery Protocol message.

 

CVE-2020-3120 - The vulnerability is due to a missing check when the affected software processes Cisco Discovery Protocol messages.

 

 

Affected Products

 

 

Impact

 

Successful exploitation of these vulnerabilities could allow an attacker on a local network to cause a denial of service or allow a remote attacker to execute code by sending a malicious unauthenticated CDP packet to the affected device.

 

Specifically, the successful exploitation of CVE-2020-3120 could allow an attacker on a local network to cause a denial of service by rebooting the affected device running CDP.

 

Recommendations

 

Users and system administrators of the affected products are advised to install the latest security updates immediately.

 

More details on the security alerts can be found at https://tools.cisco.com/security/center/publicationListing.x?product=Cisco&sort=-day_sir#~Vulnerabilities

 

References

 

https://www.zdnet.com/article/cdpwn-vulnerabilities-impact-tens-of-millions-of-enterprise-devices/

https://kb.cert.org/vuls/id/261385/