Learn about CVE-2020-35561, a medium severity SSRF vulnerability in MB connect line mymbCONNECT24, mbCONNECT24, and Helmholz myREX24, allowing unauthenticated attackers to scan for open ports. Find mitigation steps and update to version 2.12.1.
An issue was discovered in MB connect line mymbCONNECT24, mbCONNECT24, and Helmholz myREX24 and myREX24.virtual through v2.11.2, allowing an unauthenticated attacker to perform SSRF attacks.
Understanding CVE-2020-35561
This CVE involves a Server-Side Request Forgery (SSRF) vulnerability in various products of MB connect line and Helmholz.
What is CVE-2020-35561?
CVE-2020-35561 is a security vulnerability found in MB connect line mymbCONNECT24, mbCONNECT24, and Helmholz myREX24 and myREX24.virtual versions up to v2.11.2. The vulnerability enables an unauthenticated attacker to conduct SSRF attacks through the HA module.
The Impact of CVE-2020-35561
The vulnerability has a CVSS base score of 5.3, which places it in the medium-severity range. The confidentiality impact is rated low, and there is no integrity or availability impact.
Technical Details of CVE-2020-35561
This section provides more in-depth technical insights into the vulnerability.
Vulnerability Description
The vulnerability allows unauthenticated attackers to scan for open ports through the SSRF in the HA module.
Affected Systems and Versions
Exploitation Mechanism
The vulnerability can be exploited by sending crafted requests to the affected systems, triggering the SSRF in the HA module.
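Port scanning through an SSRF shows up as the server itself opening connections to many different ports on one internal host in a short time. The following is an added detection sketch, not code from the vendor or the advisory. The log format, the addresses, the function names and the 60-second / 5-port thresholds are all assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample egress log (assumed format: ISO time, src IP, dst IP, dst port).
# 10.0.0.5 stands in for the portal server; every address here is made up.
SAMPLE_LOG = """\
2021-02-01T10:00:00 10.0.0.5 10.0.0.20 5432
2021-02-01T10:00:01 10.0.0.5 10.0.0.30 21
2021-02-01T10:00:02 10.0.0.5 10.0.0.30 22
2021-02-01T10:00:03 10.0.0.5 10.0.0.30 23
2021-02-01T10:00:04 10.0.0.5 10.0.0.30 80
2021-02-01T10:00:05 10.0.0.5 10.0.0.30 443
2021-02-01T10:00:06 10.0.0.5 10.0.0.30 3306
2021-02-01T10:00:07 10.0.0.9 10.0.0.30 8080
2021-02-01T10:00:30 10.0.0.5 10.0.0.20 5432
2021-02-01T10:05:00 10.0.0.5 10.0.0.40 80
2021-02-01T10:20:00 10.0.0.5 10.0.0.40 443
truncated line
"""

def parse(log):
    """Yield (time, src, dst, port) per well-formed line; skip anything else."""
    for line in log.splitlines():
        try:
            ts, src, dst, port = line.split()
            yield datetime.fromisoformat(ts), src, dst, int(port)
        except ValueError:  # wrong field count, bad timestamp or bad port
            continue

def find_port_sweeps(log, server_ip, window=timedelta(seconds=60), threshold=5):
    """Map each destination to the ports server_ip touched there, if it reached
    `threshold` distinct ports on that destination inside one `window`."""
    by_dst = defaultdict(list)
    for ts, src, dst, port in parse(log):
        if src == server_ip:  # only connections the server itself originated
            by_dst[dst].append((ts, port))
    flagged = {}
    for dst, events in by_dst.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            while events[end][0] - events[start][0] > window:
                start += 1  # slide the window forward
            ports = {p for _, p in events[start:end + 1]}
            if len(ports) >= threshold:
                flagged.setdefault(dst, set()).update(ports)
    return {dst: sorted(p) for dst, p in flagged.items()}
```

On the sample, only 10.0.0.30 is reported: the repeated database connection and the two slow web requests stay below the threshold.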
Mitigation and Prevention
To address CVE-2020-35561, users and organizations should take immediate and long-term security measures.
Immediate Steps to Take
Long-Term Security Practices
Patching and Updates