Critical 'CDPwn' vulnerabilities affect the proprietary Cisco Discovery Protocol (CDP) enabled by default in almost all Cisco network devices
Cisco has released patches to address five critical security vulnerabilities in the Cisco Discovery Protocol (CDP), which could enable attackers to remotely hijack millions of enterprise routers and switches.
The flaws, collectively named 'CDPwn,' were discovered by researchers at security firm Armis in August 2019, who reported the flaws to Cisco. They also worked together with Cisco to evaluate the risks and to produce thoroughly tested patches for the bugs.
According to the researchers, the five vulnerabilities affect CDP enabled by default in almost all Cisco devices, including routers, switches, cameras and IP phones. The protocol enables them to share identification and other information with each other through multicast messages inside local networks. ...
Support the originator by clicking the read the rest link below.
