CVE-2020-5847
Published: 16 March 2020
Summary
CVE-2020-5847 is a critical-severity vulnerability of an unspecified weakness type in Unraid. Its CVSS base score is 9.8 (Critical).
Operationally, it is ranked in the top 0.1% of CVEs by exploit likelihood; CISA has added it to the Known Exploited Vulnerabilities catalog; and a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 AC-17 (Remote Access) and AC-3 (Access Enforcement).
Deeper analysis
CVE-2020-5847 is a remote code execution vulnerability affecting Unraid versions through 6.8.0. It carries a CVSS v3.1 base score of 9.8 and is classified under NVD-CWE-Other.
The flaw enables unauthenticated attackers to bypass authentication and achieve arbitrary code execution as root over the network. Public exploit code demonstrating the authentication bypass and code execution has been posted to PacketStorm.
Reference materials from Sysdream and the Unraid forums describe the issue as unauthenticated remote code execution as root in version 6.8.0, with additional technical analysis available at the listed URLs. No specific mitigation details such as patch versions or configuration changes are provided in the source data.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2020-27001
Vulnerability details
Unraid through 6.8.0 allows Remote Code Execution.
- CWE(s): NVD-CWE-Other
- KEV Date Added: 03 November 2021
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls (NIST 800-53 r5)
- AC-3 (Access Enforcement): Directly blocks the unauthenticated authentication bypass and subsequent root-level code execution by enforcing access-control policy before any action is permitted.
- AC-17 (Remote Access): Requires authenticated, authorized, and monitored remote-access paths, eliminating the open network vector used by the exploit.
- Patch management: Mandates prompt application of vendor patches that close the specific unauthenticated RCE flaw in Unraid ≤6.8.0.