CVE-2020-3119:Cisco NX-OS Software Cisco Discovery Protocol Remote Code Execution Vulnerability (CVE-2020-3119)

splash
Back

Description Preview

A critical vulnerability in the Cisco Discovery Protocol (CDP) implementation for Cisco NX-OS Software allows an unauthenticated, adjacent attacker to execute arbitrary code with administrative privileges or cause a device reload. The vulnerability stems from improper input validation in the CDP parser for certain message fields, which can lead to a stack overflow condition. An attacker in the same broadcast domain as the affected device can exploit this by sending a malicious CDP packet.

Overview

CVE-2020-3119 is a stack overflow vulnerability in Cisco NX-OS Software's CDP implementation. The flaw exists because the CDP parser fails to properly validate input for certain fields in CDP messages. This is classified as a CWE-787 (Out-of-bounds Write) vulnerability. Since CDP is a Layer 2 protocol, an attacker must be in the same broadcast domain (Layer 2 adjacent) as the vulnerable device to exploit it. Successful exploitation allows arbitrary code execution with administrative privileges or causes a device reload, potentially leading to complete device takeover.

Remediation

To address this vulnerability, administrators should:

  1. Update affected Cisco NX-OS Software to a patched version as specified in the Cisco Security Advisory (cisco-sa-20200205-nxos-cdp-rce).
  2. If immediate patching is not possible, consider these mitigations:
    • Disable CDP on interfaces where it's not operationally required
    • Implement proper network segmentation to limit the potential attack surface
    • Monitor for suspicious CDP traffic in the network
  3. Review network security architecture to ensure proper segmentation of management networks.
  4. Follow Cisco's best practices for securing network infrastructure devices.

References

  1. Cisco Security Advisory: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-nxos-cdp-rce
  2. Packet Storm Security Advisory: http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html
  3. MITRE CWE-787: https://cwe.mitre.org/data/definitions/787.html
  4. CVE-2020-3119 in the National Vulnerability Database

Industry ExposureMost to least
This section illustrates the prevalence of a specific Common Vulnerabilities and Exposures (CVE) across various industries based on customer reports. The ranking displays industries from the most to least affected by this particular vulnerability, offering valuable insight into where this CVE has been most frequently observed. This information can help organizations within these sectors prioritize their security efforts, understand their relative risk exposure compared to their peers, and focus remediation strategies where they are most needed. By understanding the industry-specific impact, organizations can make more informed decisions regarding patching, resource allocation, and overall risk management related to this CVE.

  1. Manufacturing: Low
    Manufacturing
  2. Public Administration: Low
    Public Administration
  3. Health Care & Social Assistance: Low
    Health Care & Social Assistance
  4. Retail Trade: Low
    Retail Trade
  5. Finance and Insurance: Low
    Finance and Insurance
  6. Transportation & Warehousing: Low
    Transportation & Warehousing
  7. Educational Services: Low
    Educational Services
  8. Utilities: Low
    Utilities
  9. Arts, Entertainment & Recreation: Low
    Arts, Entertainment & Recreation
  10. Accommodation & Food Services: Low
    Accommodation & Food Services
  11. Information: Low
    Information
  12. Management of Companies & Enterprises: Low
    Management of Companies & Enterprises
  13. Other Services (except Public Administration): Low
    Other Services (except Public Administration)
  14. Administrative, Support, Waste Management & Remediation Services: Low
    Administrative, Support, Waste Management & Remediation Services
  15. Agriculture, Forestry Fishing & Hunting: Low
    Agriculture, Forestry Fishing & Hunting
  16. Construction: Low
    Construction
  17. Mining: Low
    Mining
  18. Professional, Scientific, & Technical Services: Low
    Professional, Scientific, & Technical Services
  19. Real Estate Rental & Leasing: Low
    Real Estate Rental & Leasing
  20. Wholesale Trade: Low
    Wholesale Trade

Focus on What Matters

  1. See Everything.
  2. Identify True Risk.
  3. Proactively Mitigate Threats.

Let's talk!

background