Cyber Resilience

CVE-2020-5849

Severity: High · CISA KEV · Active Exploitation · EUVD Exploited · Public PoC

Published: 16 March 2020
Modified: 17 March 2026
KEV Added: 03 November 2021
Patch
CVSS Score (v3.1): 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
EPSS Score: 0.9376 (99.9th percentile)
Risk Priority: 91 (weighted 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2020-5849 is a high-severity Incorrect Comparison (CWE-697) vulnerability in Unraid (vendor Unraid). Its CVSS base score is 7.5 (High).

Operationally, it is ranked in the top 0.1% of CVEs by exploit likelihood; CISA has added it to the Known Exploited Vulnerabilities (KEV) catalog; and a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and IA-2 (Identification and Authentication (Organizational Users)).

Deeper analysis

Unraid 6.8.0 contains an authentication bypass vulnerability tracked as CVE-2020-5849 and assigned CWE-697. The flaw received a CVSS 3.1 base score of 7.5, reflecting a network attack vector, low attack complexity, and no required privileges or user interaction; the impact is high on confidentiality, with integrity and availability unaffected.

Unauthenticated attackers with network access can exploit the issue to bypass authentication controls. Successful exploitation grants access to restricted resources or data that would otherwise require valid credentials.

Public references, including disclosures on Packet Storm and detailed analyses from Sysdream, link the bypass to unauthenticated remote code execution as root on the affected Unraid release; the vendor’s announcement forum provides the primary channel for subsequent updates. No information on confirmed in-the-wild exploitation is supplied in the source data.

Vulnerability details

Unraid 6.8.0 allows authentication bypass.

CWE(s): CWE-697 (Incorrect Comparison)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

Vendor: unraid
Product: unraid
Version: 6.8.0

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

AC-3 Access Enforcement
prevent

Directly enforces authentication and authorization decisions so that the bypass of credential checks cannot grant access to restricted resources.

IA-2 Identification and Authentication (Organizational Users)
prevent

Requires unique identification and authentication of users before allowing access, directly blocking the unauthenticated network exploitation path described in the CVE.

AC-17 Remote Access (partial match)
prevent

Restricts and authorizes remote connections, limiting the network attack vector that enables the authentication bypass without credentials.
