A set of vulnerabilities in the Cisco Discovery Protocol (CDP) exposes tens of millions of devices to the risk of cyber attacks. Experts tracked the set as CDPwn and warned that the issues could be exploited by attackers to take complete control of vulnerable devices. CDP is a proprietary Data Link Layer protocol developed by Cisco Systems in 1994 that is used to share information about other directly connected Cisco equipment, including the operating system version and IP address. The flaws were tracked as CVE-2020-3120, CVE-2019-3119 and CVE-1919.”]
Source: https://securityaffairs.co/wordpress/97407/hacking/cdpwn-cdp-flaws.html