Cisco has issued patches for high-severity vulnerabilities plaguing its Webex video-conferencing system, its video surveillance IP cameras and its Identity Services Engine network administration product. The most severe of these is a flaw (CVE-2020-3544) in Cisco s Video Surveillance Surveillance 8000 Series IP Cameras, which ranks 8.8 out of 10 on the CVSS scale. The vulnerability is due to missing checks when an IP camera processes a CDP packet. To exploit the flaw, an attacker does not need to be authenticated but must be in the same broadcast domain as the affected device.
Source: https://threatpost.com/cisco-webex-security-camera-flaws/159969/