Armis Discovers 5 Vulnerabilities in Cisco’s CDP Protocol

Armis announced the discovery of five critical, zero-day vulnerabilities in various implementations of the Cisco Discovery Protocol (CDP) that can allow remote attackers to completely take over devices without any user interaction. The vulnerabilities, dubbed CDPwn, affect a wide variety of Cisco equipment.

Exploitation of these vulnerabilities can lead to:

  • Breaking of network segmentation
  • Data exfiltration of corporate network traffic traversing an organization’s switches and routers
  • Gaining access to additional devices through man-in-the-middle attacks, by intercepting and altering traffic on the corporate switch
  • Data exfiltration of sensitive information, such as phone calls from IP phones and video feeds from IP cameras

The findings of this research are significant because Layer 2 protocols such as CDP are the underpinning of all networks and are enabled by default on all affected Cisco products. While many security professionals rely on some form of network segmentation to provide security, this research highlights the fact that the network infrastructure itself is at risk and exploitable by any attacker. Network segmentation can no longer be treated as a guaranteed security strategy.

February 5th, 2020 by