CVE-2021-1597

Name of the Vulnerable Software and Affected Versions Cisco Video Surveillance 7000 Series IP Cameras (affected versions not specified)

Description The issue is related to the implementation of the Link Layer Discovery Protocol (LLDP) in the software of Cisco Video Surveillance 7000 Series IP Cameras, which is associated with a memory leak. An attacker could exploit this by sending crafted LLDP packets to an affected device, potentially causing a denial of service (DoS) condition due to continuous memory consumption, leading to device crash and reload. The exploitation requires the attacker to be in the same broadcast domain as the affected device.

Recommendations For Cisco Video Surveillance 7000 Series IP Cameras, consider disabling the LLDP protocol as a temporary workaround until a patch is available. Restrict access to the device to minimize the risk of exploitation by ensuring only trusted devices are in the same broadcast domain. Avoid using the affected devices in untrusted networks until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.