June 4, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Advisory – CVE-2020-3119 – Cisco NX-OS Software Cisco Discovery Protocol Remote Code Execution Vulnerability
February 6, 2020
Rewterz Threat Advisory – CVE-2020-6969 – ICS: AutomationDirect C-More Touch Panels
February 6, 2020
Rewterz Threat Advisory – CVE-2020-3119 – Cisco NX-OS Software Cisco Discovery Protocol Remote Code Execution Vulnerability
February 6, 2020
Rewterz Threat Advisory – CVE-2020-6969 – ICS: AutomationDirect C-More Touch Panels
February 6, 2020
Severity
High
Analysis Summary
The vulnerability is due to improper validation of string input from certain fields in Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to cause a stack overflow, which could allow the attacker to execute arbitrary code with administrative privileges on an affected device.
Impact
- Privilege escalation
- Arbitrary code execution
Affected Vendors
Cisco
Remediation
Please refer to vendor’s advisory for the list of affected products and patches.
