Cisco Systems has issued fixes for five high-severity vulnerabilities in various implementations of its Cisco Discovery Protocol (CDP), which is enabled by default in tens of millions of Cisco products.
The five flaws, collectively named CDPwn, could allow attackers to either remotely execute code or trigger a denial of service, warned Cisco yesterday, as did researchers at Armis, who uncovered and disclosed the bugs. Affected devices include switches, routers, IP phones and IP cameras, which use the Layer 2 (Data Link Layer) protocol to discover and map other Cisco equipment on the same network.
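Because CDP is a Layer 2 protocol that devices accept from any neighbour on the segment, one defensive check is to run captured CDP payloads through a strict parser and flag frames whose length fields do not match the bytes actually present. The following is an added example, not code from the article, Cisco or Armis; it assumes the public CDP payload layout (after the LLC/SNAP encapsulation: a 1-byte version, 1-byte TTL, 2-byte checksum, then TLVs with a 2-byte type and a 2-byte length that counts the 4-byte TLV header itself), and the sample payloads are constructed, not captured from any device. The checksum is read but not verified.

```python
import struct

# CDP TLV type codes from the public protocol description (not an exhaustive list).
CDP_TLV_NAMES = {
    0x0001: "Device ID",
    0x0002: "Addresses",
    0x0003: "Port ID",
    0x0004: "Capabilities",
    0x0005: "Software Version",
    0x0006: "Platform",
}

CDP_HEADER_LEN = 4   # version(1) + ttl(1) + checksum(2)
TLV_HEADER_LEN = 4   # type(2) + length(2); the length field counts these 4 bytes too


class CdpParseError(ValueError):
    """Raised when a CDP payload violates the framing rules."""


def parse_cdp(payload: bytes) -> dict:
    """Parse a CDP payload (the bytes following the LLC/SNAP header).

    Every TLV length is checked against the bytes actually present before a
    value is sliced, so a crafted length field can neither make the parser
    read past the buffer nor loop forever on a zero-length TLV.
    """
    if len(payload) < CDP_HEADER_LEN:
        raise CdpParseError(f"payload too short for CDP header: {len(payload)} bytes")
    version, ttl, checksum = struct.unpack("!BBH", payload[:CDP_HEADER_LEN])
    if version not in (1, 2):
        raise CdpParseError(f"unsupported CDP version {version}")

    tlvs = []
    offset = CDP_HEADER_LEN
    while offset < len(payload):
        remaining = len(payload) - offset
        if remaining < TLV_HEADER_LEN:
            raise CdpParseError(f"truncated TLV header at offset {offset}")
        tlv_type, tlv_len = struct.unpack("!HH", payload[offset:offset + TLV_HEADER_LEN])
        if tlv_len < TLV_HEADER_LEN:
            raise CdpParseError(
                f"TLV 0x{tlv_type:04x} at offset {offset} declares length {tlv_len} < {TLV_HEADER_LEN}")
        if tlv_len > remaining:
            raise CdpParseError(
                f"TLV 0x{tlv_type:04x} at offset {offset} declares length {tlv_len} "
                f"but only {remaining} bytes remain")
        value = payload[offset + TLV_HEADER_LEN:offset + tlv_len]
        tlvs.append((tlv_type, CDP_TLV_NAMES.get(tlv_type, "Unknown"), value))
        offset += tlv_len
    return {"version": version, "ttl": ttl, "checksum": checksum, "tlvs": tlvs}


def build_tlv(tlv_type: int, value: bytes, declared_len: int = -1) -> bytes:
    """Build one TLV; a non-negative declared_len lets a test construct a lying length field."""
    length = TLV_HEADER_LEN + len(value) if declared_len < 0 else declared_len
    return struct.pack("!HH", tlv_type, length) + value


# Constructed sample payloads (hypothetical device names; checksum left at zero).
GOOD_PAYLOAD = (
    struct.pack("!BBH", 2, 180, 0x0000)
    + build_tlv(0x0001, b"lab-switch-1")
    + build_tlv(0x0003, b"GigabitEthernet0/1")
    + build_tlv(0x0006, b"constructed-platform-string")
)

# Length field claims 1000 bytes for a 12-byte value: an over-read if trusted.
OVERLONG_PAYLOAD = struct.pack("!BBH", 2, 180, 0) + build_tlv(0x0001, b"lab-switch-1", declared_len=1000)

# Length field of 0: a parser that advances by the declared length never terminates.
ZERO_LEN_PAYLOAD = struct.pack("!BBH", 2, 180, 0) + build_tlv(0x0001, b"lab-switch-1", declared_len=0)


def classify(payload: bytes) -> str:
    """Return 'ok' or the parse error text, i.e. what a monitor would log per frame."""
    try:
        parse_cdp(payload)
        return "ok"
    except CdpParseError as exc:
        return f"malformed: {exc}"


if __name__ == "__main__":
    for name, p in [("good", GOOD_PAYLOAD), ("overlong", OVERLONG_PAYLOAD), ("zero-length", ZERO_LEN_PAYLOAD)]:
        print(f"{name}: {classify(p)}")
```

The two checks on the length field (at least the header size, at most the bytes remaining) are the whole point: a parser that trusts the declared length can be pushed into an out-of-bounds read or an endless loop by a single frame from the local segment. On production equipment the complementary mitigation is to leave CDP enabled only on interfaces that actually need neighbour discovery and to apply Cisco's fixes.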
"Increasingly, these devices can, and do, connect to the enterprise network. And large numbers of these devices end up in places that attackers find extremely valuable," said Ben Seri, VP of research at Armis, in a company press release. "The findings of this research are significant, as Layer 2 protocols are the underpinning for all networks, and as an attack surface are an under-researched area, and yet are the foundation for the practice of network segmentation. Network segmentation is often utilized as a means to provide security. Unfortunately, as this research highlights, the network infrastructure itself is at risk and exploitable by any attacker, so network segmentation is no longer a guaranteed security strategy."