Cisco patches security glitch affecting routers, switches and phones

Cisco fixes vulnerabilities in its Cisco Discovery Protocol that could let remote attackers take over products without any user interaction

Credit: Dreamstime

Cisco has issued fixes for five security glitches that can be found in a wealth of its networked enterprise products – from switches and routers to web cameras and desktop VoIP phones.

The problems centre around vulnerabilities in the implementation of the Cisco Discovery Protocol (CDP) that could let remote attackers take over the products without any user interaction.

While no public exploit has been found, an attacker simply needs to send a maliciously crafted CDP packet to a target device located inside the network to take advantage of the weakness, Cisco stated.

Cisco’s CDP is a Layer 2 protocol that runs on Cisco devices and enables networking applications to learn about directly connected devices nearby, according to Cisco. It enables management of Cisco devices by discovering networked devices, determining how they are configured, and letting systems using different network-layer protocols learn about each other.

The five vulnerabilities, revealed by Armis Security and dubbed CDPwn, are significant because Layer 2 protocols are the underpinning for all networks, Armis wrote in a blog about the problems.

“As an attack surface, Layer 2 protocols are an under-researched area and yet are the foundation for the practice of network segmentation. Network segmentation is utilised as a means to improve network performance and also to provide security. Unfortunately, as this research highlights, the network infrastructure itself is at risk and exploitable by any attacker, so network segmentation is no longer a guaranteed security strategy,” Armis wrote.

Cisco rated the CDP security threats as “High.” The specific warnings include:

  • A CDP vulnerability in the Cisco IP Phone could allow an unauthenticated, adjacent attacker to remotely execute code with root privileges or cause a reload of an affected IP phone. Affected products include a variety of Cisco IP Conference Phones, from model 6xxx to model 8xxx, and the Wireless IP Phone 8821 and 8821-EX.
  • A CDP implementation in Cisco NX-OS software could allow an attacker to cause a stack overflow, which could let the attacker execute arbitrary code with administrative privileges on an affected device. Impacted products include Nexus 3000, 5500, 5600, 6000 and 9000 series switches.
  • A CDP vulnerability in the Cisco Video Surveillance 8000 Series IP Cameras could allow the attacker to expose the affected IP Camera for remote code execution or cause it to reload unexpectedly, resulting in a denial of service (DoS) state. This vulnerability affects Cisco Video Surveillance 8000 Series IP Cameras with the Cisco Discovery Protocol enabled when they are running a firmware version earlier than 1.0.7, Cisco stated.
  • A CDP exposure in Cisco IOS XR software could let an attacker cause a stack overflow, which could allow the attacker to execute arbitrary code with administrative privileges on an affected device. Products impacted include ASR 9000 Series Aggregation Services Routers, the IOS XRv 9000 Router, and Network Convergence System (NCS) 540, 560, 1000, 5000 and 6000 Series Routers. Cisco noted, too, that this vulnerability also affects third-party white-box routers if they have CDP enabled both globally and on at least one interface and if they are running a vulnerable release of Cisco IOS XR Software.
  • A CDP weakness in Cisco FXOS Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to exhaust system memory, causing the device to reload. Affected products include a wide variety of Cisco gear from the ASR 9000 Series Aggregation Services Router and NCS Series Routers to the Nexus family and UCS Series.
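
The IOS XR exposure condition quoted above (CDP enabled globally and on at least one interface) can be checked against a saved configuration. The following is an added example, not code from Cisco or Armis; it assumes IOS XR-style syntax in which a bare `cdp` line enables the protocol, uses constructed sample configs, and does not check the software release.

```python
import re

# Constructed sample configs; the IOS XR-style syntax (a bare "cdp" line
# enables CDP globally or under an interface) is an assumption.
EXPOSED = """\
hostname edge-rtr-1
cdp
interface GigabitEthernet0/0/0/0
 description uplink
 cdp
!
interface GigabitEthernet0/0/0/1
 shutdown
!
"""
GLOBAL_ONLY = """\
hostname edge-rtr-2
cdp
cdp timer 30
interface GigabitEthernet0/0/0/0
 description uplink
!
"""

def cdp_exposure(config: str) -> dict:
    """Report whether CDP is on globally and on at least one interface."""
    global_cdp = False
    cdp_interfaces = []
    current_if = None  # interface block being read, if any
    for raw in config.splitlines():
        stripped = raw.strip()
        if not stripped:
            continue
        if not raw[0].isspace():  # top-level line starts or ends a block
            m = re.match(r"interface\s+(.+)$", stripped)
            current_if = m.group(1) if m else None
            if stripped == "cdp":
                global_cdp = True
        elif current_if and stripped == "cdp":
            cdp_interfaces.append(current_if)
    return {"global": global_cdp, "interfaces": cdp_interfaces,
            "exposed": global_cdp and bool(cdp_interfaces)}

if __name__ == "__main__":
    for name, cfg in (("EXPOSED", EXPOSED), ("GLOBAL_ONLY", GLOBAL_ONLY)):
        print(name, cdp_exposure(cfg))
```

A device flagged as exposed still needs its release compared against the fixed versions in Cisco's advisory before it is treated as vulnerable.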

Armis said it discovered the bugs in August last year and worked with Cisco to develop patches, which Cisco says are available for free.

