Armis Logo< Back

CVE-2020-3110:

Cisco Video Surveillance 8000 Series IP Cameras contain a vulnerability in the Cisco Discovery Protocol implementation that allows adjacent attackers to execute remote code or cause denial of service.


Score
Info
A numerical rating that indicates how dangerous this vulnerability is.

8.8High
  • Published Date:Feb 5, 2020
  • CISA KEV Date:*No Data*
  • Industries Affected:20

Threat Predictions

  • EPSS Score:1.5
  • EPSS Percentile:81%

Exploitability

  • Score:2.8
  • Attack Vector:ADJACENT_NETWORK
  • Attack Complexity:LOW
  • Privileges Required:NONE
  • User Interaction:NONE
  • Scope:UNCHANGED

Impact

  • Score:5.9
  • Confidentiality Impact:HIGH
  • Integrity Impact:HIGH
  • Availability Impact:HIGH

Description Preview

Cisco Video Surveillance 8000 Series IP Cameras contain a vulnerability in the Cisco Discovery Protocol implementation that allows adjacent attackers to execute remote code or cause denial of service.

Overview

This vulnerability (CVE-2020-3110) is part of a series of Cisco Discovery Protocol vulnerabilities known as "CDPwn." The issue stems from improper validation of CDP packets in Cisco Video Surveillance 8000 Series IP Cameras. When the device processes specially crafted CDP packets, an attacker can trigger a buffer overflow condition, potentially allowing arbitrary code execution with the privileges of the CDP process. Alternatively, the malformed packets can cause the device to crash and reload. Since CDP is enabled by default on most Cisco devices and processes packets before authentication, this presents a significant security risk in environments where physical or Layer 2 network access is possible.

Remediation

  • To address this vulnerability, organizations should:
  • 1. Update affected Cisco Video Surveillance 8000 Series IP Cameras to Firmware Release 1.0.7 or later, which contains fixes for this vulnerability.
  • 2. If immediate patching is not possible, consider these temporary mitigations:
  • Disable Cisco Discovery Protocol on interfaces where it is not required
  • Implement network segmentation to limit Layer 2 access to vulnerable devices
  • Monitor for suspicious network activity targeting CDP services
  • 3. Ensure physical security of network infrastructure to prevent unauthorized access to network segments containing vulnerable devices.
  • 4. Review network configurations to identify all potentially affected devices and prioritize their updates based on exposure risk.

References

Industries Affected

Below is a list of industries most commonly impacted or potentially at risk based on intelligence.

Low
Mining icon
Mining
Utilities icon
Utilities
Information icon
Information
Construction icon
Construction
Retail Trade icon
Retail Trade
Manufacturing icon
Manufacturing
Wholesale Trade icon
Wholesale Trade
Educational Services icon
Educational Services
Finance and Insurance icon
Finance and Insurance
Public Administration icon
Public Administration
Real Estate Rental and Leasing icon
Real Estate Rental and Leasing
Transportation and Warehousing icon
Transportation and Warehousing
Accommodation and Food Services icon
Accommodation and Food Services
Health Care and Social Assistance icon
Health Care and Social Assistance
Arts, Entertainment, and Recreation icon
Arts, Entertainment, and Recreation
Management of Companies and Enterprises icon
Management of Companies and Enterprises
Agriculture, Forestry, Fishing and Hunting icon
Agriculture, Forestry, Fishing and Hunting
Other Services (except Public Administration) icon
Other Services (except Public Administration)
Professional, Scientific, and Technical Services icon
Professional, Scientific, and Technical Services
Administrative and Support and Waste Management and Remediation Services icon
Administrative and Support and Waste Management and Remediation Services

Focus on What Matters

See everything.Identify true risk.Proactively mitigate threats.Book a Demo

Let's talk!