Cisco Small Business 220 Series Smart Switches Link Layer Discovery Protocol Vulnerabilities<p>Multiple vulnerabilities exist in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Small Business 220 Series Smart Switches. An unauthenticated, adjacent attacker could perform the following:</p>
<ul>
<li>Execute code on the affected device or cause it to reload unexpectedly</li>
<li>Cause LLDP database corruption on the affected device</li>
</ul>
<p>For more information about these vulnerabilities, see the <a href="#details">Details</a> section of this advisory.</p>
<p><strong>Note:</strong> LLDP is a Layer 2 protocol. To exploit these vulnerabilities, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).</p>
<p>Cisco has released firmware updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.</p>
<p>This advisory is available at the following link:<br><a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb220-lldp-multivuls-mVRUtQ8T">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb220-lldp-multivuls-mVRUtQ8T</a></p>
Security Impact Rating: High
CVE: CVE-2021-34775,CVE-2021-34776,CVE-2021-34777,CVE-2021-34778,CVE-2021-34779,CVE-2021-34780
Source: Cisco Small Business 220 Series Smart Switches Link Layer Discovery Protocol Vulnerabilities (https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb220-lldp-multivuls-mVRUtQ8T?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Small%20Business%20220%20Series%20Smart%20Switches%20Link%20Layer%20Discovery%20Protocol%20Vulnerabilities&vs_k=1)