Cisco has patched five vulnerabilities that allowed malicious actors to perform remote code execution and denial-of-service attacks on millions of enterprise devices.
The company confirmed that critical vulnerabilities were found in the Cisco Discovery Protocol (CDP), a Layer 2 information protocol that maps all Cisco equipment on a given network.
First discovered by cybersecurity researchers at Armis, the vulnerabilities are collectively called CDPwn. They allow attackers to break any network segmentation and, essentially, take over all the devices.
“There are endless types of Layer 2 protocols, and CDP is one of them,” said Ben Seri, Vice President of Research at Armis.
“But there is actually a very large attack surface there, which has been neglected. I think the research community needs to do more in looking at these protocols. And network segmentation, at the end of the day, is a strong solution for IoT, and other security problems are solved by it, but we need to make sure that it really stands strong against all kinds of attacks.”
Speaking to Threatpost, a Cisco representative said the vulnerabilities were not being exploited in the wild.
Cybersecurity researchers at Armis notified Cisco of the flaws in late August last year, and have been working with the company ever since to develop and test the patches released this week.