CVE-2020-16100 : What You Need to Know


Command Centre by Gallagher is susceptible to a vulnerability that allows an unauthenticated remote DCOM websocket connection to crash the service's DCOM websocket thread. This issue affects versions prior to 8.20.1166 (MR3), 8.10.1211 (MR5), 8.00.1228 (MR6), and all versions of 7.90 and earlier.

Understanding CVE-2020-16100

Command Centre, a product by Gallagher, is impacted by a vulnerability that can be exploited by an unauthenticated remote attacker.

What is CVE-2020-16100?

The vulnerability in Command Centre allows an unauthenticated remote DCOM websocket connection to crash the service's DCOM websocket thread due to improper shutdown of closed websocket connections. This results in the service being unable to accept future DCOM websocket (Configuration Client) connections.

The Impact of CVE-2020-16100

The vulnerability has a CVSS base score of 7.5, indicating a high severity issue with a significant impact on availability. It does not affect confidentiality or integrity and requires no privileges for exploitation.

Technical Details of CVE-2020-16100

Command Centre's vulnerability details and affected systems.

Vulnerability Description

        CWE-404: Improper Resource Shutdown or Release

Affected Systems and Versions

        Product: Command Centre
        Vendor: Gallagher
        Affected Versions (fixed builds are shown per branch; an installation is affected only if its build is lower than the fix for its own branch):
              Command Centre v8.20 (custom): builds earlier than 8.20.1166 (MR3)
              Command Centre v8.10 (custom): builds earlier than 8.10.1211 (MR5)
              Command Centre v8.00 (custom): builds earlier than 8.00.1228 (MR6)
              Command Centre v7.90 and earlier: all builds
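The version boundaries above are branch-specific, which is easy to get wrong when comparing build numbers across branches. The following check is an added example (not Gallagher's tooling or this advisory's own code) that applies the listed boundaries; it assumes a branch newer than 8.20 is not in scope of this advisory and reports branches the advisory does not list as unknown (None).

```python
"""Check whether a Gallagher Command Centre version string falls inside the
affected ranges listed for CVE-2020-16100. Added example built only from the
version boundaries in the advisory; it is not vendor tooling."""
import re

# First fixed build per branch, as listed in the advisory. Any build in the
# same major.minor branch below this number is affected.
FIXED_BUILDS = {
    (8, 20): 1166,  # 8.20.1166 (MR3)
    (8, 10): 1211,  # 8.10.1211 (MR5)
    (8, 0): 1228,   # 8.00.1228 (MR6)
}
# Every release of 7.90 and earlier is affected; no fixed build exists there.
LAST_UNFIXED_BRANCH = (7, 90)

# Accepts "8.10.1211", "8.10.1211 (MR5)" or a bare branch such as "7.90".
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)(?:\.(\d+))?(?:\s*\(MR\d+\))?$")


def parse_version(text):
    """Return (major, minor, build); a missing build counts as 0."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised Command Centre version: {text!r}")
    major, minor, build = m.groups()
    return int(major), int(minor), int(build or 0)


def is_affected(text):
    """True if the version is inside an affected range, False if it is a fixed
    build or a newer branch than any the advisory lists, None if the branch
    is not covered by the advisory at all (e.g. a hypothetical 8.05)."""
    major, minor, build = parse_version(text)
    branch = (major, minor)
    if branch <= LAST_UNFIXED_BRANCH:
        return True  # 7.90 and earlier: no fix in that branch
    if branch in FIXED_BUILDS:
        return build < FIXED_BUILDS[branch]  # compare within the branch only
    if branch > max(FIXED_BUILDS):
        return False  # assumption: branches after 8.20 are outside this advisory
    return None


if __name__ == "__main__":
    for v in ("8.10.1200", "8.00.1228 (MR6)", "7.90", "8.30.100", "8.05.1"):
        print(v, "->", is_affected(v))
```

Note that 8.10.1200 is affected while 8.00.1228 is fixed even though its build number is higher: the comparison only makes sense within a branch.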

Exploitation Mechanism

The vulnerability can be exploited through an unauthenticated remote DCOM websocket connection: because closed websocket connections are not shut down properly, such a connection can crash the service's DCOM websocket thread, after which the service no longer accepts DCOM websocket (Configuration Client) connections.

Mitigation and Prevention

Steps to mitigate and prevent the CVE-2020-16100 vulnerability.

Immediate Steps to Take

        Apply the vendor-provided fixed releases promptly (8.20.1166 (MR3), 8.10.1211 (MR5) or 8.00.1228 (MR6), depending on the branch in use).
        Monitor for unexpected remote connections to the DCOM websocket service and for the service ceasing to accept Configuration Client connections, which is the symptom of a crashed websocket thread.
        Restrict network access to the affected systems so that only trusted Configuration Client hosts can reach the DCOM websocket service.

Long-Term Security Practices

        Regularly update and patch software and systems.
        Implement network segmentation to limit the impact of potential attacks.
        Conduct security training for employees to recognize and report suspicious activities.

Patching and Updates

        Gallagher has addressed the vulnerability in the fixed builds listed above (8.20.1166 (MR3), 8.10.1211 (MR5) and 8.00.1228 (MR6)); installations on 7.90 or earlier have no fixed build in their own branch and need to move to a fixed release. Stay informed about Gallagher security advisories and apply updates as soon as they are available.
