8.3
CVSSv2

CVE-2020-3111

Published: 05/02/2020 Updated: 07/02/2020
CVSS v2 Base Score: 8.3 | Impact Score: 10 | Exploitability Score: 6.5
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
Vector: AV:A/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

A vulnerability in the Cisco Discovery Protocol implementation for the Cisco IP Phone could allow an unauthenticated, adjacent malicious user to remotely execute code with root privileges or cause a reload of an affected IP phone. The vulnerability is due to missing checks when processing Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a crafted Cisco Discovery Protocol packet to the targeted IP phone. A successful exploit could allow the malicious user to remotely execute code with root privileges or cause a reload of an affected IP phone, resulting in a denial of service (DoS) condition. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

cisco ip_conference_phone_7832_firmware

cisco ip_conference_phone_7832_with_multiplatform_firmware

cisco ip_conference_phone_8832_firmware

cisco ip_conference_phone_8832_with_multiplatform_firmware

cisco ip_phone_6821_firmware

cisco ip_phone_6841_firmware

cisco ip_phone_6851_firmware

cisco ip_phone_6861_firmware

cisco ip_phone_6871_firmware

cisco ip_phone_7811_firmware

cisco ip_phone_7811_with_multiplatform_firmware

cisco ip_phone_7821_firmware

cisco ip_phone_7821_with_multiplatform_firmware

cisco ip_phone_7841_firmware

cisco ip_phone_7841_with_multiplatform_firmware

cisco ip_phone_7861_firmware

cisco ip_phone_7861_with_multiplatform_firmware

cisco ip_phone_8811_firmware

cisco ip_phone_8811_with_multiplatform_firmware

cisco ip_phone_8841_firmware

cisco ip_phone_8841_with_multiplatform_firmware

cisco ip_phone_8851_firmware

cisco ip_phone_8851_with_multiplatform_firmware

cisco ip_phone_8861_firmware

cisco ip_phone_8861_with_multiplatform_firmware

cisco ip_phone_8845_firmware

cisco ip_phone_8845_with_multiplatform_firmware

cisco ip_phone_8865_firmware

cisco ip_phone_8865_with_multiplatform_firmware

cisco unified_ip_conference_phone_8831_firmware

cisco unified_ip_conference_phone_8831_for_third-party_call_control_firmware -

cisco wireless_ip_phone_8821_firmware

cisco wireless_ip_phone_8821-ex_firmware

Vendor Advisories

A vulnerability in the Cisco Discovery Protocol implementation for the Cisco IP Phone could allow an unauthenticated, adjacent attacker to remotely execute code with root privileges or cause a reload of an affected IP phone The vulnerability is due to missing checks when processing Cisco Discovery Protocol messages An attacker could exploit this ...

Recent Articles

Oi, Cisco! Who left the 'high privilege' login for Smart Software Manager just sitting out in the open?
The Register • Shaun Nichols in San Francisco • 19 Feb 2020

Critical fix for static login headlines latest patch rollout

Cisco has released fixes to address 17 vulnerabilities across its networking and unified communications lines.
The bundle includes one fix for a critical issue and six patches for bugs deemed high-risk vulnerabilities. They include remote access and code execution, elevation of privilege, denial of service, and cross-site request forgeries.
The lone critical bulletin is for CVE-2020-3158, a bug caused by the presence of a high-privilege account with a static password present in the C...

Critical Cisco ‘CDPwn’ Protocol Flaws Explained: Podcast
Threatpost • Lindsey O'Donnell • 05 Feb 2020

Researchers on Wednesday disclosed five critical vulnerabilities in Cisco Discovery Protocol (CDP), the Cisco Proprietary Layer 2 network protocol that is used to discover information about locally attached Cisco equipment.
Researchers say that the vulnerabilities, which they collectively call CDPwn, can allow attackers to remotely take over millions of devices. The flaws specifically exist in the parsing of CDP packets, in the protocol implementation for various Cisco products, from its s...

Critical Cisco ‘CDPwn’ Flaws Break Network Segmentation
Threatpost • Lindsey O'Donnell • 05 Feb 2020

Cisco is issuing patches for five critical vulnerabilities that have been discovered in Cisco Discovery Protocol (CDP), the info-sharing layer that maps all Cisco equipment on a network.
Researchers at Armis say that the vulnerabilities, which they disclosed on Wednesday and collectively dubbed CDPwn, can allow attackers with an existing foothold in the network to break through network segmentation efforts and remotely take over millions of devices.
CDP is a Cisco proprietary Layer 2...