CVE-2020-14944

9.8 CRITICAL

📋 TL;DR

This CVE describes a critical authorization bypass vulnerability in Global RADAR BSA Radar software versions 1.6.7234.24750 and earlier. Attackers can manipulate user accounts through vulnerable functions like ChangePassword, SaveUserProfile, and GetUser without proper authentication. Organizations using affected versions are at risk of account takeover and data manipulation.

💻 Affected Systems

Products:
  • Global RADAR BSA Radar
Versions: 1.6.7234.24750 and earlier
Operating Systems: Windows (based on typical deployment patterns)
Default Config Vulnerable: ⚠️ Yes
Notes: All installations of affected versions are vulnerable regardless of configuration.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete compromise of all user accounts, allowing attackers to change passwords, modify profiles, and potentially gain administrative access to the entire system.

🟠 Likely Case

Targeted account takeover of specific users, leading to unauthorized access to sensitive data and potential privilege escalation.

🟢 If Mitigated

Unauthorized access attempts are logged and blocked, with no successful account manipulation.

🌐 Internet-Facing: HIGH - The vulnerability can be exploited remotely via CSRF attacks as referenced in the advisory links.
🏢 Internal Only: HIGH - Even internal attackers or compromised internal systems could exploit this vulnerability.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires user interaction via CSRF attacks or direct API calls. Public proof-of-concept code is available in GitHub repositories.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Versions after 1.6.7234.24750

Vendor Advisory: Not provided in references

Restart Required: Yes

Instructions:

1. Contact Global RADAR for the patched version.
2. Back up the current installation.
3. Apply the vendor-provided patch or upgrade to a fixed version.
4. Restart the BSA Radar service.

🔧 Temporary Workarounds

Implement CSRF Protection


Add CSRF tokens to all forms and API endpoints to prevent cross-site request forgery attacks.
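The check below is an added illustration of the workaround, not Global RADAR's code: a per-session synchronizer token validated with a constant-time compare on the state-changing functions named in this CVE, plus an object-level check that the caller may only act on their own account unless they hold an admin role. The session store, secret, request shape and role names are constructed assumptions; only the endpoint names come from the advisory.

```python
import hashlib
import hmac

# Constructed values for the demo; a real deployment keeps the secret out of source.
SESSION_SECRET = b"constructed-demo-secret-rotate-in-production"
SESSIONS = {                     # constructed session store: session id -> (username, role)
    "sess-alice": ("alice", "user"),
    "sess-admin": ("admin", "admin"),
}
# Endpoint names from the advisory; which of them mutate state is an assumption.
STATE_CHANGING = {"ChangePassword", "SaveUserProfile"}
USER_FUNCTIONS = STATE_CHANGING | {"GetUser"}


def issue_token(session_id):
    """Derive the CSRF token for a session with HMAC so it is bound to that
    session and cannot be computed from the cookie value alone."""
    return hmac.new(SESSION_SECRET, session_id.encode(), hashlib.sha256).hexdigest()


def csrf_ok(session_id, sent_token):
    """Constant-time comparison of the submitted token against the expected one."""
    if not sent_token:
        return False
    expected = issue_token(session_id)
    return hmac.compare_digest(sent_token.encode(), expected.encode())


def authorize(request):
    """Gate the user-management functions.

    request is a dict with keys endpoint, method, cookies, headers, params.
    Returns (http_status, reason) so the decision can be logged and tested.
    """
    session_id = request.get("cookies", {}).get("session")
    caller = SESSIONS.get(session_id)
    if caller is None:
        return 401, "no valid session"          # unauthenticated request
    user, role = caller

    endpoint = request["endpoint"]
    if endpoint not in USER_FUNCTIONS:
        return 404, "unknown endpoint"

    if endpoint in STATE_CHANGING:
        # A cross-site form post carries the victim's cookie but cannot read
        # the token, so the token check is what defeats CSRF here.
        if request.get("method") != "POST":
            return 405, "state change must be POST"
        if not csrf_ok(session_id, request.get("headers", {}).get("X-CSRF-Token")):
            return 403, "missing or invalid CSRF token"

    # Object-level authorization: the target account defaults to the caller,
    # and only an admin may act on someone else's account.
    target = request.get("params", {}).get("userId", user)
    if target != user and role != "admin":
        return 403, "cannot act on another user's account"
    return 200, "ok"


if __name__ == "__main__":
    legit = {
        "endpoint": "ChangePassword", "method": "POST",
        "cookies": {"session": "sess-alice"},
        "headers": {"X-CSRF-Token": issue_token("sess-alice")},
        "params": {"userId": "alice"},
    }
    forged = dict(legit, headers={})            # cross-site post: cookie but no token
    print(authorize(legit), authorize(forged))
```

The token is derived rather than stored, so no extra server state is needed; rotating `SESSION_SECRET` invalidates every outstanding token at once.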

Network Segmentation


Restrict access to BSA Radar application to trusted networks only.

🧯 If You Can't Patch

  • Implement web application firewall (WAF) rules to block unauthorized access to vulnerable endpoints
  • Monitor and alert on suspicious account modification activities

🔍 How to Verify

Check if Vulnerable:

Check BSA Radar version in application interface or configuration files. If version is 1.6.7234.24750 or earlier, system is vulnerable.

Check Version:

Check the application interface or configuration files for version information (no standard CLI command is available).

Verify Fix Applied:

Verify version is updated beyond 1.6.7234.24750 and test authorization controls on ChangePassword, SaveUserProfile, and GetUser functions.

📡 Detection & Monitoring

Log Indicators:

  • Unauthorized access attempts to user management functions
  • Multiple failed authentication attempts followed by successful account modifications
  • Unusual patterns in user profile changes

Network Indicators:

  • HTTP requests to ChangePassword, SaveUserProfile, or GetUser endpoints without proper authentication headers
  • CSRF attack patterns in web traffic

SIEM Query:

source="bsa_radar_logs" AND (event="ChangePassword" OR event="SaveUserProfile" OR event="GetUser") AND user="*" AND auth_status="failed"
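As an added example (not Global RADAR's code or any SIEM vendor's), the script below implements two of the indicators above over constructed log lines: the plain filter expressed by the SIEM query (calls to ChangePassword, SaveUserProfile or GetUser with `auth_status=failed`), and the sequence pattern from the log indicators list, where several authentication failures from one source are followed within a short window by a successful account modification. The key=value log format, field names, IP addresses and timestamps are all constructed; BSA Radar's real log layout is not documented on this page.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

ACCOUNT_EVENTS = {"ChangePassword", "SaveUserProfile", "GetUser"}

# Constructed sample log lines in an assumed key=value format.
SAMPLE_LOGS = [
    "2020-06-22T10:00:01Z src=10.0.0.5 user=alice event=Login auth_status=failed",
    "2020-06-22T10:00:05Z src=10.0.0.5 user=alice event=Login auth_status=failed",
    "2020-06-22T10:00:09Z src=10.0.0.5 user=alice event=Login auth_status=failed",
    "2020-06-22T10:00:20Z src=10.0.0.5 user=alice event=ChangePassword auth_status=success",
    "2020-06-22T10:01:00Z src=10.0.0.9 user=bob event=SaveUserProfile auth_status=success",
    "2020-06-22T10:01:30Z src=10.0.0.9 user=bob event=GetUser auth_status=failed",
    "2020-06-22T10:30:00Z src=10.0.0.5 user=alice event=ChangePassword auth_status=success",
    "2020-06-22T10:31:00Z src=10.0.0.7 user=carol event=Login auth_status=failed",
    "2020-06-22T10:31:05Z src=10.0.0.7 user=carol event=ChangePassword auth_status=success",
]


def parse(line):
    """Split 'TIMESTAMP key=value ...' into a dict with a datetime under 'ts'."""
    ts_text, *pairs = line.split()
    rec = dict(p.split("=", 1) for p in pairs)
    rec["ts"] = datetime.strptime(ts_text, "%Y-%m-%dT%H:%M:%SZ")
    return rec


def failed_account_calls(lines):
    """Equivalent of the SIEM query: account-function calls whose auth failed."""
    return [r for r in map(parse, lines)
            if r.get("event") in ACCOUNT_EVENTS and r.get("auth_status") == "failed"]


def detect_failures_then_modify(lines, threshold=3, window=timedelta(minutes=5)):
    """Alert when a source accumulates `threshold` auth failures inside `window`
    and then successfully calls an account-management function."""
    recent_failures = defaultdict(deque)   # src -> timestamps of failures still in window
    alerts = []
    for rec in map(parse, lines):
        src, ts = rec["src"], rec["ts"]
        q = recent_failures[src]
        while q and ts - q[0] > window:    # age out failures older than the window
            q.popleft()
        if rec.get("auth_status") == "failed":
            q.append(ts)
        elif rec.get("event") in ACCOUNT_EVENTS and rec.get("auth_status") == "success":
            if len(q) >= threshold:
                alerts.append({"src": src, "user": rec.get("user"),
                               "event": rec["event"], "ts": ts, "failures": len(q)})
                q.clear()                  # one alert per burst
    return alerts


if __name__ == "__main__":
    for r in failed_account_calls(SAMPLE_LOGS):
        print("query match:", r["ts"], r["src"], r["event"])
    for a in detect_failures_then_modify(SAMPLE_LOGS):
        print("sequence alert:", a)
```

In the sample data only the first source trips the sequence rule: its three failures sit within five minutes of the password change, whereas the later change from the same source happens after the failures have aged out and the third source has a single failure, below the threshold.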

🔗 References
