CDPwn Vulnerabilities

Posted by John Marrett on Feb 6, 2020 9:13:26 AM

Cisco Vulnerability 2

Today a collection of five vulnerabilities affecting Cisco phones and switches has been published. These vulnerabilities, identified collectively as CDPwn by Armis, the security firm that discovered them present a significant risk in many enterprise environments. For most enterprise customers, the vulnerabilities affecting phones (CVE-2020-3111) and switches running NX-OS (CVE-2020-3119  and CVE-2020-3120) are the principle areas of concern.

The most positive element of these issues is that they will not allow an external party to enter an environment remotely. They can permit an attacker with a foothold to traverse the network or attack significant portions of it.

We will be working with our managed service customers to plan the upgrades required to address these issues in their UC environments. If you need help staying on top of security updates in your organization please contact the Stack8 Team

Subscribe to the Stack8 Blog

Topics: CDPwn Vulnerabilities

Don’t miss out. Expert advice straight to your inbox!

Insightful tips, troubleshooting and solutions for your everyday Unified Communications challenges from our team of experts. You can look forward to:

  • Weekly UC tips;
  • Cisco Unified Communications insights;
  • UCCX - Contact Center insights;
  • Network and Security insights;
  • Cisco Release notes and Product reviews.

Posts by Topic

see all
Join us for free live demo

Recent Posts