Cisco’s Critical ‘CDPwn’ Flaws

Cisco is a huge company with a large number of devices in the market used by people. It was recently when Cisco reported about the flaws it found by it within its CDP or Cisco Discovery Protocol. The things found by the tech giant involve 5 flaws that could have made millions of Cisco products into the wrong hands. The flaws are so dangerous that attack with a successful attack can access the devices with an existing foothold. The attacker can’t really make a successful attempt without already being in the network to access something.

With a large number of products and users, Cisco took care of the bug or vulnerable right away. There were 5 flaws that are said to be very much threatening for users as their product can get accessed. These flaws are together called CDPwn as they exist in CDP that is a layer 2 protocol. CDP allows the company to get information from its products or equipment that are connected to the network. These devices connected to the network are the only way to exploit the flaws and once successfully used you can access devices. Not just one device the attacker can access information on other devices connected locally to the network with the one that is already on the network.

After fixing the flaws Cisco requested the users to update to remain on the safer side. The attack is possible through the internet but can also be done locally through a low-grade IoT device on the network. These IoT devices can act as the way to get into the network. Due to a lack of security features, these IoT devices become an easy tool for attacking networks. Out of the 5 flaws, 4 are RCE or Remote code execution vulnerabilities while one is DoS vulnerability

Leave a Reply

Your email address will not be published. Required fields are marked *