Cisco has released patches to address the five vulnerabilities, which could lead to remote code-execution and denial of service. The flaws specifically exist in the parsing of CDP packets, within the protocol s implementation in various Cisco products, from its IOS XR software to IP cameras. CDP aids in mapping the presence of other Cisco products in the network and is implemented in virtually all Cisco products including switches, routers, IP phones and IP cameras and does not offer the ability to turn it off. Cisco issued patches on Wednesday addressing the five flaws, and is urging users to update as soon as possible.
Source: https://threatpost.com/critical-cisco-cdpwn-flaws-network-segmentation/152546/