CVE-2020-3506

Name of the Vulnerable Software and Affected Versions: Cisco Video Surveillance 8000 Series IP Cameras (affected versions not specified)

Description: The issue exists due to insufficient input validation in the Cisco Discovery Protocol implementation. This could allow a remote attacker to execute arbitrary code or cause a reload of the affected IP camera. The vulnerabilities can be exploited by sending a malicious Cisco Discovery Protocol packet to the targeted device. A successful exploit could result in code execution on the affected device or cause it to reload unexpectedly, leading to a denial of service condition. Note that the attacker must be in the same broadcast domain as the affected device to exploit these vulnerabilities, as Cisco Discovery Protocol is a Layer 2 protocol.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.