CVE-2020-6776

8.8 HIGH

📋 TL;DR

This CVE describes a Cross-Site Request Forgery (CSRF) vulnerability in the web interface of the Bosch PRAESIDEO and PRAESENSA public address systems. An attacker who holds no credentials of their own can trick a user who is logged in to the web interface into visiting a crafted page; the victim's browser then sends state-changing requests carrying the victim's session, such as creating or modifying user accounts, changing the configuration, or causing a denial of service. Affected are Bosch PRAESIDEO up to and including version 4.41 and Bosch PRAESENSA up to and including version 1.10.

💻 Affected Systems

Products:
  • Bosch PRAESIDEO
  • Bosch PRAESENSA
Versions: PRAESIDEO: up to and including 4.41, PRAESENSA: up to and including 1.10
Operating Systems: Embedded system firmware
Default Config Vulnerable: ⚠️ Yes
Notes: For PRAESIDEO 4.31 and later and for all PRAESENSA versions, the confidentiality impact is low because the web interface does not display stored credentials. The ability to change accounts and configuration through the forged request is not reduced by this note.

📦 What is this software?

Bosch PRAESIDEO and PRAESENSA are networked public address and voice alarm systems used for announcements and emergency evacuation messaging in buildings such as airports, stadiums and office complexes; PRAESENSA is the IP-based successor to PRAESIDEO. Both are configured through a web interface served by the system controller, and that web interface is where this CSRF vulnerability lies.

⚠️ Risk & Real-World Impact

🔴

Worst Case

An attacker uses a victim administrator's session to act with administrative rights: additional administrator accounts are created, passwords and system configuration are modified, and the public address system is taken out of service (denial of service). Because the attacker never authenticates, the changes appear in the device's logs as actions of the legitimate user.

🟠

Likely Case

Attacker modifies system settings, creates unauthorized user accounts, or disrupts public address system functionality.

🟢

If Mitigated

Limited impact once the fixed firmware is installed, the web interface is reachable only from a segmented management network, and operators know not to browse untrusted sites while logged in to the device.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM (network isolation alone does not stop CSRF: the forged request is sent by the victim's browser, which already has access to the device; the attacker only needs to reach that browser, for example with a link in an e-mail)

🎯 Exploit Status

Public PoC: ❌ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes (the attacker needs no credentials, but a victim who holds an authenticated session must visit the attacker's page)
Complexity: LOW

Exploitation requires social engineering: the attacker must get a user who is logged in to the device's web interface to open a crafted link or page, at which point the victim's browser submits the forged form or request with the victim's session.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: PRAESIDEO: version 4.42 or later, PRAESENSA: version 1.11 or later

Vendor Advisory: https://psirt.bosch.com/security-advisories/bosch-sa-538331-bt.html

Restart Required: Yes

Instructions:

1. Download the latest firmware from the Bosch support portal.
2. Back up the current configuration.
3. Apply the firmware update following the vendor documentation.
4. Verify that the update completed successfully.
5. Restore the configuration if needed.

🔧 Temporary Workarounds

Enforce an Origin/Referer check in front of the web interface

Applies to: all

Anti-CSRF tokens belong in the device's own forms and can only be added by the vendor's firmware update; an operator cannot retrofit them. What an operator can do is place a reverse proxy in front of the web interface that rejects state-changing requests (POST, PUT, PATCH, DELETE) whose Origin header, or Referer header when Origin is absent, does not name the device's own site, and that refuses such requests when neither header is present.

Network Segmentation

Applies to: all

Isolate the public address system from the general network and restrict access to its web interface to a management network or jump host. This reduces exposure but does not remove it, because a browser on that management network can still be lured to an attacker's page.
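The Origin/Referer gate described above, written out as an added example. This is not Bosch code and knows nothing about the real PRAESIDEO or PRAESENSA endpoints; the trusted site name, the cookie and the sample requests are constructed for illustration. It assumes that state changes go through POST, PUT, PATCH or DELETE; if the device also accepts state-changing GET requests, those would have to be gated too.

```python
"""Origin/Referer gate for a reverse proxy in front of a device web UI.

Added example for this page; it is not Bosch code and does not know the
PRAESIDEO/PRAESENSA interfaces. The host name and the sample requests are
constructed for illustration.
"""
from urllib.parse import urlsplit

# Site on which operators reach the device (assumption).
TRUSTED_SITES = {"https://pa-controller.example.net"}

# Only state-changing methods are gated. This assumes the device does not
# change state on GET; if it does, add GET here as well.
UNSAFE_METHODS = {"POST", "PUT", "PATCH", "DELETE"}


def _site_of(url):
    """'scheme://host[:port]' in lower case, or None when unparsable.

    The literal Origin value 'null' (opaque origin, e.g. a sandboxed iframe)
    has no scheme and therefore also yields None.
    """
    parts = urlsplit(url.strip())
    if not parts.scheme or not parts.netloc:
        return None
    return f"{parts.scheme.lower()}://{parts.netloc.lower()}"


def request_allowed(method, headers, trusted_sites=TRUSTED_SITES):
    """Return (allowed, reason) for one proxied request.

    Origin is checked first: browsers send it on every cross-site POST and
    page script cannot set it. Referer is the fallback for browsers that omit
    Origin on same-site form posts. A state-changing request with neither
    header is refused (fail closed); non-browser API clients should be
    allow-listed explicitly rather than by weakening this rule.
    """
    if method.upper() not in UNSAFE_METHODS:
        return True, "safe method, not gated"
    lowered = {name.lower(): value for name, value in headers.items()}
    for name in ("origin", "referer"):
        value = lowered.get(name)
        if value is None:
            continue
        site = _site_of(value)
        if site is None:
            return False, f"{name} header unusable: {value!r}"
        if site in trusted_sites:
            return True, f"{name} matches trusted site"
        return False, f"cross-site {name} {site}"
    return False, "state-changing request without Origin or Referer"


# Constructed requests: what the proxy would see for a legitimate operator,
# for a CSRF lure, and for a few edge cases.
SAMPLE_REQUESTS = [
    ("operator submits the user form", "POST",
     {"Host": "pa-controller.example.net",
      "Origin": "https://pa-controller.example.net", "Cookie": "session=abc"}),
    ("auto-submitting form on the attacker's page", "POST",
     {"Host": "pa-controller.example.net", "Origin": "https://attacker.example",
      "Referer": "https://attacker.example/facility-notice.html",
      "Cookie": "session=abc"}),
    ("forged request from a sandboxed iframe (opaque origin)", "POST",
     {"Host": "pa-controller.example.net", "Origin": "null",
      "Cookie": "session=abc"}),
    ("older browser, same-site form post without Origin", "POST",
     {"Host": "pa-controller.example.net",
      "Referer": "https://pa-controller.example.net/config/users",
      "Cookie": "session=abc"}),
    ("operator opens a status page", "GET",
     {"Host": "pa-controller.example.net"}),
    ("scripted client sending no browser headers", "POST",
     {"Host": "pa-controller.example.net"}),
]


def evaluate(requests=SAMPLE_REQUESTS):
    """Run the gate over the sample requests; returns [(label, allowed, reason)]."""
    return [(label, *request_allowed(method, headers))
            for label, method, headers in requests]


if __name__ == "__main__":
    for label, allowed, reason in evaluate():
        print(f"{'ALLOW' if allowed else 'DENY ':5} {label}: {reason}")
```

The last sample shows the trade-off of failing closed: a legitimate scripted client that sends neither header is refused too, so such clients need an explicit allow-list (for example by source address) at the proxy rather than a relaxation of the rule.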

🧯 If You Can't Patch

  • Restrict access to the web interface to a dedicated management network or jump host, and front it with a reverse proxy that rejects state-changing requests whose Origin or Referer does not name the device
  • Have operators administer the device from a dedicated browser profile that is used for nothing else, and log out as soon as they are done, so that no authenticated session exists while they browse other sites; browser extensions do not reliably block CSRF and should not be relied on

🔍 How to Verify

Check if Vulnerable:

Check system firmware version via web interface or device console. Compare against affected versions.

Check Version:

Check via web interface: System > About or via console command specific to device model

Verify Fix Applied:

Verify that the firmware version is PRAESIDEO 4.42 or later, or PRAESENSA 1.11 or later. Then confirm the protection from a test client: replay a state-changing request from a page on another origin (or without the token the fixed interface issues) and check that the device rejects it rather than applying the change.

📡 Detection & Monitoring

Log Indicators:

  • Configuration changes attributed to a legitimate account at times its owner did not perform them
  • User accounts created or modified without a corresponding change request
  • Note that CSRF rides on a valid session, so there are no failed logins to look for; the forged requests look like the victim's own activity in the device log

Network Indicators:

  • State-changing HTTP requests to the management interface whose Referer (or Origin) header names a site other than the device, or whose Referer is missing
  • Such requests arriving from an operator's workstation seconds after it fetched content from an external site (the lure page)

SIEM Query:

Splunk-style illustration; "bosch_pa_system", "event" and "http_referrer" are placeholder names to be mapped onto the fields the device or its reverse proxy actually logs. If the device log carries no Referer, run the query against the reverse proxy's access log instead.

source="bosch_pa_system" (event="config_change" OR event="user_create") NOT http_referrer="https://pa-controller.example.net/*"
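The same detection run over access log lines, as an added example that is not vendor code. The log lines are constructed and follow the combined log format a reverse proxy such as nginx writes; this page does not document the devices' own log format, so the field layout, host name and the watched paths are assumptions.

```python
"""Retrospective CSRF hunting over reverse proxy access logs.

Added example for this page, not vendor code. The log lines are constructed
in combined log format; host names, paths and field positions are assumptions.
"""
import re
from urllib.parse import urlsplit

TRUSTED_SITES = {"https://pa-controller.example.net"}   # assumption
# Management paths that change state (assumed, not the real device paths).
WATCHED_PREFIXES = ("/config/", "/users/", "/system/")
UNSAFE_METHODS = {"POST", "PUT", "PATCH", "DELETE"}

# Combined log format: ip ident user [time] "METHOD path proto" status bytes "referer" "ua"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

# Constructed sample: a legitimate account creation, then two requests made
# by the same logged-in operator while on an attacker's page, then a
# scripted probe that was rejected.
SAMPLE_LOG = """\
10.0.5.21 - operator [14/Mar/2021:10:12:03 +0000] "GET /config/users HTTP/1.1" 200 4096 "https://pa-controller.example.net/" "Mozilla/5.0"
10.0.5.21 - operator [14/Mar/2021:10:12:40 +0000] "POST /users/add HTTP/1.1" 302 0 "https://pa-controller.example.net/config/users" "Mozilla/5.0"
10.0.5.21 - operator [14/Mar/2021:11:03:17 +0000] "POST /users/add HTTP/1.1" 302 0 "http://attacker.example/facility-notice.html" "Mozilla/5.0"
10.0.5.21 - operator [14/Mar/2021:11:03:18 +0000] "POST /system/reboot HTTP/1.1" 302 0 "-" "Mozilla/5.0"
10.0.7.8 - - [14/Mar/2021:11:05:00 +0000] "POST /users/add HTTP/1.1" 401 0 "-" "curl/7.68.0"
"""


def _site_of(url):
    """'scheme://host[:port]' in lower case, or None when unparsable ('-' included)."""
    parts = urlsplit(url)
    if not parts.scheme or not parts.netloc:
        return None
    return f"{parts.scheme.lower()}://{parts.netloc.lower()}"


def find_suspect_requests(log_text, trusted_sites=TRUSTED_SITES):
    """Return one dict per state-changing request that succeeded (2xx/3xx)
    on a watched path but was not referred from a trusted site.

    Failed requests are skipped: a forged request the device rejected changed
    nothing. Unparsable lines are skipped as well.
    """
    hits = []
    for line in log_text.splitlines():
        match = LOG_RE.match(line)
        if not match:
            continue
        rec = match.groupdict()
        if rec["method"] not in UNSAFE_METHODS:
            continue
        if not rec["path"].startswith(WATCHED_PREFIXES):
            continue
        if not rec["status"].startswith(("2", "3")):
            continue
        site = _site_of(rec["referer"])
        if site in trusted_sites:
            continue
        if rec["referer"] == "-":
            rec["reason"] = "no Referer header"
        elif site is None:
            rec["reason"] = f"malformed Referer {rec['referer']!r}"
        else:
            rec["reason"] = f"cross-site referer {site}"
        hits.append(rec)
    return hits


if __name__ == "__main__":
    for hit in find_suspect_requests(SAMPLE_LOG):
        print(f"{hit['time']} {hit['ip']} {hit['user']} {hit['method']} "
              f"{hit['path']} -> {hit['reason']}")
```

A missing Referer is the weaker of the two signals, because a browser configured with a no-referrer policy also sends none; treat those hits as candidates to correlate with the operator's activity rather than as confirmed forgeries, while a cross-site Referer on a successful state change is worth an immediate look.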

🔗 References

  • Bosch PSIRT advisory BOSCH-SA-538331-BT: https://psirt.bosch.com/security-advisories/bosch-sa-538331-bt.html
  • NVD entry: https://nvd.nist.gov/vuln/detail/CVE-2020-6776