PT-2022-4427 · Cisco · Cisco Nx-Os
Published: 2022-08-24 · Updated: 2025-12-03
CVE-2022-20824
CVSS v3.1: 8.8 (High)
Vector: AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Cisco FXOS Software (affected versions not specified)
Cisco NX-OS Software (affected versions not specified)
Description
A vulnerability in the Cisco Discovery Protocol feature could allow an unauthenticated, adjacent attacker to execute arbitrary code with root privileges or cause a denial of service (DoS) condition on an affected device. This issue is due to improper input validation of specific values within a Cisco Discovery Protocol message. An attacker could exploit this by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to execute arbitrary code with root privileges or cause the Cisco Discovery Protocol process to crash and restart multiple times, resulting in a DoS condition. The attacker must be in the same broadcast domain as the affected device to exploit this vulnerability.
Recommendations
For Cisco FXOS Software, update to a version that fixes the improper input validation issue in the Cisco Discovery Protocol feature.
For Cisco NX-OS Software, update to a version that fixes the improper input validation issue in the Cisco Discovery Protocol feature.
As a temporary workaround, consider restricting access to the Cisco Discovery Protocol to minimize the risk of exploitation.
Fix
DoS
Memory Corruption
Stack Overflow
Related Identifiers
Affected Products
Cisco Fxos
Cisco Nx-Os
Cisco Nexus