CDP is a protocol (Layer 2) developed by Cisco which allows the discovery and direct communication of different devices of the manufacturer in the network.


The following device groups are affected:

Heap Overflow in Cisco IP Cameras (CVE-2020-3110)
Stack Overflow in Cisco VoIP Devices (CVE-2020-3111)


Format String Stack Overflow (CVE-2020-3118)
Stack overflow and arbitrary write access (CVE-2020-3119)
Denial of Service (CVE-2020-3120) in NX-OS switches and IOS XR routers


The security gap could be used to bypass network quarantines and run malicious software. To do this, however, the attacker must already be present in the network.


If you have questions or need support, please get in touch with your contact person.