1. Home
  2. CVE Database
  3. CVE-2020-3543
MEDIUM · 6.5

CVE-2020-3543

A vulnerability in the Cisco Discovery Protocol of Cisco Video Surveillance 8000 Series IP Cameras could allow an unauthenticated, adjacent attacker to cause a memory leak, which could lead to a denia...

Vulnerability Description

A vulnerability in the Cisco Discovery Protocol of Cisco Video Surveillance 8000 Series IP Cameras could allow an unauthenticated, adjacent attacker to cause a memory leak, which could lead to a denial of service (DoS) condition on an affected device. The vulnerability is due to incorrect processing of certain Cisco Discovery Protocol packets. An attacker could exploit this vulnerability by sending certain Cisco Discovery Protocol packets to an affected device. A successful exploit could allow the attacker to cause the affected device to continuously consume memory, which could cause the device to crash and reload, resulting in a DOS condition. Note: Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).

CVSS Score

6.5

MEDIUM

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
NONE
Availability
HIGH

Affected Products

VendorProductVersions
Cisco8000P Ip Camera Firmware1.0.9-4
Cisco8000P Ip Camera-
Cisco8020 Ip Camera Firmware1.0.9-4
Cisco8020 Ip Camera-
Cisco8030 Ip Camera Firmware1.0.9-4
Cisco8030 Ip Camera-
Cisco8070 Ip Camera Firmware1.0.9-4
Cisco8070 Ip Camera-
Cisco8400 Ip Camera Firmware1.0.9-4
Cisco8400 Ip Camera-
Cisco8620 Ip Camera Firmware1.0.9-4
Cisco8620 Ip Camera-
Cisco8630 Ip Camera Firmware1.0.9-4
Cisco8630 Ip Camera-
Cisco8930 Speed Dome Ip Camera Firmware1.0.9-4
Cisco8930 Speed Dome Ip Camera-

Related Weaknesses (CWE)

CWE-401CWE-400

References

FAQ

What is CVE-2020-3543?

CVE-2020-3543 is a vulnerability with a CVSS score of 6.5 (MEDIUM). A vulnerability in the Cisco Discovery Protocol of Cisco Video Surveillance 8000 Series IP Cameras could allow an unauthenticated, adjacent attacker to cause a memory leak, which could lead to a denia...

How severe is CVE-2020-3543?

CVE-2020-3543 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2020-3543?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco 8000P Ip Camera Firmware, Cisco 8000P Ip Camera, Cisco 8020 Ip Camera Firmware, Cisco 8020 Ip Camera, Cisco 8030 Ip Camera Firmware.