"Critical Cisco 'CDPwn' Flaws Break Network Segmentation"

Cisco issued patches for five critical vulnerabilities contained by the CISCO Discovery Protocol (CDP), which is a tool used by network administrators and engineers to identify and map Cisco products on a network. According to researchers at the enterprise security firm Armis, the exploitation of the collection of critical flaws dubbed CDPwn can allow attackers to break network segmentation and move freely between different parts of a network, posing a significant threat to enterprises. As Cisco is the leader in the network equipment market, these security flaws impact millions of devices, including switches, routers, IP phones, and IP cameras. Cisco is urging users to apply the recently released patches as bad actors can perform several attacks using the flaws, such as extracting data from a network's traffic via switches and routers, viewing sensitive information from IP cameras, altering traffic on corporate switches, and more. This article continues to discuss the purpose of the Cisco Discovery Protocol (CDP), the critical security flaws discovered in this protocol, the impact that such vulnerabilities can have on enterprises, the disclosure of these flaws, and how Cisco has responded.

Threatpost reports "Critical Cisco 'CDPwn' Flaws Break Network Segmentation"