by Timo Seiler
In early February Armis discovered a weak spot known as "CDPwn" in the Cisco Discovery Protocol (CDP). Cisco released a series of updates shortly thereafter to close the discovered leak on several devices.
CDP is a protocol (Layer 2) developed by Cisco which allows the discovery and direct communication of different devices of the manufacturer in the network.
The security gap could be used to bypass network quarantines and run malicious software. To do this, however, the attacker must already be present in the network.
If you have questions or need support, please get in touch with your contact person.